[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] wget seems to be "out of touch" with security (fails on m
|
From: |
Tim Rühsen |
|
Subject: |
Re: [Bug-wget] wget seems to be "out of touch" with security (fails on most (all?) http websites...(where browsers work) |
|
Date: |
Fri, 20 Dec 2013 19:35:21 +0100 |
|
User-agent: |
KMail/4.11.3 (Linux/3.11-2-amd64; KDE/4.11.3; x86_64; ; ) |
Am Freitag, 20. Dezember 2013, 09:03:43 schrieb L Walsh:
> But at the end of the update script, I notice a message:
> if ($foundignored)
> {
> print STDERR "\n* = CA Certificates in /etc/ssl/certs are only seen by
> some legacy applications.
> To install CA-Certificates globally move them to /etc/pki/trust/ancors
> instead!\n"; }
>
> Perhaps wget isn't using the new location?
Wget is using /etc/ssl/certs by default.
If the distribution uses a different directory, the package maintainer should
change the default directory either by providing a patch or by specifying the
directory in /etc/wgetrc.
Have a look into /etc/sl/certs and /etc/pki/trust/ancors, which of them fits
your needs.
Assuming you want /etc/pki/trust/ancors as the certificate directory, put it
into /etc/wgetrc (or into ~/.wgetrc):
cadirectory=/etc/pki/trust/ancors
BTW, the 'Go Daddy' certs are named here (Debian SID) Go_Daddy_*
It is a good idea to submit a bug report for the wget package of your dist (if
it hasn't already be done by someone else).
Regards, Tim
signature.asc
Description: This is a digitally signed message part.