Hi, in addition to Ander Juaristi's posting:
Have you installed the package 'ca-certificates' ? Check with 'ls -la /etc/ssl/certs/' In my CygWin environment wget 1.16.3 downloads your example URL. Regards, Tim On Friday 28 August 2015 11:30:02 L Walsh wrote: > > wget > > "https://get.adobe.com/flashplayer/download/?installer=FP_18_for_Firefox_-_N > PAPI&os=Windows%207&browser_type=Gecko&browser_dist=Firefox&p=mss" > --2015-08-28 11:17:19-- > https://get.adobe.com/flashplayer/download/?installer=FP_18_for_Firefox_-_NP > API&os=Windows%207&browser_type=Gecko&browser_dist=Firefox&p=mss Resolving > webproxy (webproxy)... 192.168.4.1, 192.168.3.1 > Connecting to webproxy (webproxy)|192.168.4.1|:8118... connected. > ERROR: The certificate of ‘get.adobe.com’ is not trusted. > ERROR: The certificate of ‘get.adobe.com’ hasn't got a known issuer. > ----- > I went into my web browser (which doesn't seem to have an issue with the > cert), looked at the security for the page and exported the Security > Cert chain > to a ".crt" file. > > In windows, I could click on that to install the cert into Window's local > store and it was "imported successfully". > > But it seems wget still doesn't know how to use the native > machines cert-store. > > Shouldn't it be able to use the native host's cert store automatically, > or is there some extra magic words / switches I should have known to > use? > > ;-/ > > Ever since the cert checking was turned on in wget, the only way I've been > able to d/l secure stuff is to tell it to ignore the security, which seems > like it might be counter-productive. > > Seems alot like the standard security problem of it making it so difficult > to use, that people simply create an alias to never check security -- which > can't be better than before when I wasn't taught to turn off security (not > that I usually do, but it seems like that's the direction I'm being > "hurded"... > ;-) > > help? > > version info: > law.Bliss> wget --version > GNU Wget 1.16.1 built on cygwin. > > +digest +https +ipv6 +iri +large-file +nls +ntlm +opie -psl +ssl/gnutls > > Wgetrc: > /Users/law.Bliss/.wgetrc (user) > /etc/wgetrc (system) > Locale: > /usr/share/locale > Compile: > gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc" > -DLOCALEDIR="/usr/share/locale" -I. > -I/usr/src/wget-1.16.1-1.x86_64/src/wget-1.16.1/src -I../lib > -I/usr/src/wget-1.16.1-1.x86_64/src/wget-1.16.1/lib > -I/usr/include/uuid -I/usr/include/p11-kit-1 -DHAVE_LIBGNUTLS > -DNDEBUG -ggdb -O2 -pipe -Wimplicit-function-declaration > > -fdebug-prefix-map=/usr/src/wget-1.16.1-1.x86_64/build=/usr/src/debug/wget-1 > .16.1-1 > > > -fdebug-prefix-map=/usr/src/wget-1.16.1-1.x86_64/src/wget-1.16.1=/usr/src/de > bug/wget-1.16.1-1 > > Link: > gcc -I/usr/include/uuid -I/usr/include/p11-kit-1 -DHAVE_LIBGNUTLS > -DNDEBUG -ggdb -O2 -pipe -Wimplicit-function-declaration > > -fdebug-prefix-map=/usr/src/wget-1.16.1-1.x86_64/build=/usr/src/debug/wget-1 > .16.1-1 > > > -fdebug-prefix-map=/usr/src/wget-1.16.1-1.x86_64/src/wget-1.16.1=/usr/src/de > bug/wget-1.16.1-1 > > -liconv -lintl -lpcre -luuid -lnettle -lgnutls -lz -lintl -liconv > -lp11-kit -lgmp -lhogweed -lgmp -lnettle -ltasn1 -lp11-kit -lz -lz > -lidn ftp-opie.o gnutls.o http-ntlm.o ../lib/libgnu.a > > Copyright (C) 2014 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later > <http://www.gnu.org/licenses/gpl.html>. > This is free software: you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. > > Originally written by Hrvoje Niksic <[email protected]>. > Please send bug reports and questions to <[email protected]>.
