The certs directory in 1.5.0 only has the root certificate for verifying ClamAV signature database (.cvd and .cdiff) digital signatures. Perhaps we could add the "GTS Root R4" root certificate if that is needed?
I saw an issue with freshclam SSL certificate checks failing on just one of our WIndows devices, an ARM64 Windows 11 device. I haven't seen it fail elsewhere, but perhaps some other software, like an openssl installation, added the certificate in advance of our testing. Respectfully, Val Valerie Snyder (she/they) ClamAV Development Talos Cisco Systems, Inc. ________________________________ From: clamav-users <[email protected]> on behalf of Steve Basford via clamav-users <[email protected]> Sent: Friday, October 10, 2025 9:02 AM To: ClamAV users ML <[email protected]> Cc: Steve Basford <[email protected]> Subject: Re: [clamav-users] Freshclam certificate verification failing on Windows On 10 October 2025 11:47:04 Paul Smith* via clamav-users <[email protected]> wrote: Since upgrading to ClamAV 1.4.3, we're having trouble with Freshclam on Windows failing to download definitions with this error WARNING: Download failed (60) WARNING: Message: SSL peer certificate or SSH remote key was not OK 1.5.0 is out and has a certs directory included.... does that version work for you? https://www.clamav.net/downloads clamav-1.5.0.win.x64.zip Cheers, Steve sanesecurity
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
