Testing performed with Disco, Cosmic, Bionic, Xenial, and Trusty. The output is similar if not identical, so pasting just one test, from Disco.
(Web Server, HTTP/HTTPS redirect, setup not included, ping me if interested.) $ wget http://archive.ubuntu.com/ubuntu/dists/disco/main/installer- amd64/current/images/netboot/ubuntu-installer/amd64/{linux,initrd.gz} $ GUEST=disco $ virt-install \ --name $GUEST \ --vcpus 2 \ --memory 1024 \ --disk $GUEST.qcow2,bus=virtio,format=qcow2,size=8 \ --network bridge=virbr0,model=virtio \ --graphics none \ --import \ --boot \ kernel=linux,\ initrd=initrd.gz,\ kernel_args='console=ttyS0 url=http://192.168.122.1/preseed debian-installer/allow_unauthenticated_ssl=true' The installer hits an error when trying to get the preseed file: ┌──────────┤ [!!] Download debconf preconfiguration file ├──────────┐ │ │ │ Failed to retrieve the preconfiguration file │ │ The file needed for preconfiguration could not be retrieved from │ │ http://192.168.122.1/preseed. The installation will proceed in │ │ non-automated mode. │ │ │ │ <Continue> │ │ │ └───────────────────────────────────────────────────────────────────┘ The synthetic tests with fetch-url: === ~ # cat /proc/cmdline console=ttyS0 url=http://192.168.122.1/preseed debian-installer/allow_unauthenticated_ssl=true ~ # cat /etc/default-release disco Without patch: --- ~ # fetch-url http://192.168.122.1/preseed preseed ERROR: cannot verify 192.168.122.1's certificate, ... ... To connect to 192.168.122.1 insecurely, use `--no-check-certificate'. ~ # echo $? 1 With patch: --- ~ # wget --no-check-certificate http://192.168.122.1/di-utils_1.124ubuntu2_amd64.udeb ~ # udpkg -i di-utils_1.124ubuntu2_amd64.udeb ~ # fetch-url http://192.168.122.1/preseed preseed WARNING: cannot verify 192.168.122.1's certificate, ... ... 2018-11-14 13:17:03 URL:https://192.168.122.1//preseed [11/11] -> "./_fetch-url_preseed.1467" [1] ~ # echo $? 0 With patch and Without d-i/allow_unauthenticated_ssl=true: No Change --- ~ # cat /proc/cmdline console=ttyS0 url=http://192.168.122.1/preseed ~ # wget --no-check-certificate http://192.168.122.1/di-utils_1.124ubuntu2_amd64.udeb ~ # udpkg -i di-utils_1.124ubuntu2_amd64.udeb ~ # fetch-url http://192.168.122.1/preseed preseed ERROR: cannot verify 192.168.122.1's certificate, ... ... To connect to 192.168.122.1 insecurely, use `--no-check-certificate'. ~ # echo $? 1 ** Bug watch added: Debian Bug tracker #913740 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913740 ** Also affects: debian-installer-utils (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913740 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1803385 Title: fetch-url does not use --no-check-certificate on HTTP to HTTPS redirects To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/debian-installer-utils/+bug/1803385/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
