[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] wget feature request: support for SAN/UCC SSL Certs RFC 3

From: Wallance Hou
Subject: Re: [Bug-wget] wget feature request: support for SAN/UCC SSL Certs RFC 3280 part
Date: Fri, 25 Nov 2011 02:35:20 +0000

Ok, Still Many thanks for your kind reply. :)

What a big Headache with SAN/UCC!!!  

Best Regards 
Wallance hou

Bleum Incorporated
Wallance Hou
Network Engineer                                                 
Email: address@hidden
Cloud-9 Mansion 19F
Tel: 86-21-62821122
1118 West Yan'an Road.
Shanghai, P.R.C. 200052

This email may contain confidential information and/or copyright material. This 
email and any attachments are solely for the intended recipient.
If you are not the intended recipient, disclosure, copying, use or distribution 
of the information included in this message may be unlawful. please advise the 
sender immediately by using the reply facility in your email software, and 
immediately and permanently delete. 
Thank you for your cooperation.

-----Original Message-----
From: Jochen Roderburg [mailto:address@hidden 
Sent: Friday, November 25, 2011 5:23 AM
To: Wallance Hou
Cc: address@hidden
Subject: RE: [Bug-wget] wget feature request: support for SAN/UCC SSL Certs RFC 
3280 part

Zitat von Wallance Hou <address@hidden>:

>  Currently Does wget new version support or verify SAN/UCC SSL  
> certificate? If yes, but I tried to install wget 1.13.x, but there  
> still was issue as below. (gnutls-2.12.14 without p11-kit-1), Please  
> advie.
> address@hidden wget-1.13.4]# wget -v -O xx https://www.verisign.net
> --2011-11-23 19:07:54--  https://www.verisign.net/
> Resolving www.verisign.net (www.verisign.net)...
> Connecting to www.verisign.net  
> (www.verisign.net)||:443... connected.
> ERROR: The certificate of `www.verisign.net' is not trusted.
> ERROR: The certificate of `www.verisign.net' hasn't got a known issuer.
> address@hidden wget-1.13.4]#

Hi Wallace,

No idea what SAN/UCC means.
The wget messages look like it did not find the so-called CA  
certificates which are needed for the verification of the server  
certificates. It it possible that you have a CA-certificates pack on  
your Linux (as part of installed SSL/TLS libraries), it is often seen  
under a name like ca-bundle.crt or similar. I am not familiar enough  
with gnutls (I have my SSL-capable programs usually installed with  
OpenSSL) to know if this can be configured to automatically use such a  
file, but in any case you can give it to wget with the parameter  

Best Regards,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]