RE: http://wiki.linuxfromscratch.org/blfs/ticket/6566#comment:2
Replying to [comment:2 pierre.labastie]:
> I have a problem with the "https" part:
> when using wget, I get:
> {{{
> --2015-06-07 13:15:57--
https://archive.apache.org/dist/ant/source/apache-ant-1.9.5-src.tar.bz2
> Resolving archive.apache.org... 140.211.11.131, 192.87.106.229,
2001:610:1:80bc:192:87:106:229
> Connecting to archive.apache.org|140.211.11.131|:443... connected.
> ERROR: cannot verify archive.apache.org's certificate, issued by
'CN=Thawte SSL CA,O=Thawte\\, Inc.,C=US':
> Unable to locally verify the issuer's authority.
> To connect to archive.apache.org insecurely, use `--no-check-certificate'.
> }}}
> It work with firefox. I have the latest cacerts from anduin installed.
ISTR that I had the same problem, but forgot about it.
Solution he found was to reinstall wget with gnutls support.
We could add a comment in "Command Explanations"/"--with-ssl=openssl"
But reading the ticket raised by Bruce and closed by Pierre, there is an
indication already raised by Pierre:
RE: http://wiki.linuxfromscratch.org/blfs/ticket/6202#comment:7
Replying to [comment:7 pierre.labastie]:
> One more thing: When valgrind is used for tests, the tests using SSL
fail if openssl is used (some memory leak in libcrypto), while they do
not fail if gnutls is used. Should we move to recommend gnutls rather
than openssl? That also removes one switch from the configure
instructions...
I think Pierre is right, but still, shouldn't we also "unrecommend"
openssl or remove it from the page, or state that it breaks wget?
--
[]s,
Fernando
--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
