Sorry, sending again, with (hopefully) better subject and reformatted lines.
RE: http://wiki.linuxfromscratch.org/blfs/ticket/6566#comment:2 Replying to [comment:2 pierre.labastie]: > I have a problem with the "https" part: > when using wget, I get: > {{{ > --2015-06-07 13:15:57-- > https://archive.apache.org/dist/ant/source/apache-ant-1.9.5-src.tar.bz2 > Resolving archive.apache.org... 140.211.11.131, 192.87.106.229, > 2001:610:1:80bc:192:87:106:229 > Connecting to archive.apache.org|140.211.11.131|:443... connected. > ERROR: cannot verify archive.apache.org's certificate, issued by > 'CN=Thawte SSL CA,O=Thawte\\, Inc.,C=US': > Unable to locally verify the issuer's authority. > To connect to archive.apache.org insecurely, use `--no-check-certificate'. > }}} > It work with firefox. I have the latest cacerts from anduin installed. ISTR that I had the same problem, but forgot about it. Solution he found was to reinstall wget with gnutls support. We could add a comment in "Command Explanations"/"--with-ssl=openssl" But reading the ticket raised by Bruce and closed by Pierre, there is an indication already raised by Pierre: RE: http://wiki.linuxfromscratch.org/blfs/ticket/6202#comment:7 Replying to [comment:7 pierre.labastie]: > One more thing: When valgrind is used for tests, the tests using SSL > fail if openssl is used (some memory leak in libcrypto), while they do > not fail if gnutls is used. Should we move to recommend gnutls rather > than openssl? That also removes one switch from the configure > instructions... I think Pierre is right, but still, shouldn't we also "unrecommend" openssl or remove it from the page, or state that it breaks wget? -- []s, Fernando -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
