[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #58097] Wget doesn't download intermediate certificates when not su
From: |
anonymous |
Subject: |
[bug #58097] Wget doesn't download intermediate certificates when not supplied in the response |
Date: |
Wed, 1 Apr 2020 19:48:36 -0400 (EDT) |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 |
URL:
<https://savannah.gnu.org/bugs/?58097>
Summary: Wget doesn't download intermediate certificates when
not supplied in the response
Project: GNU Wget
Submitted by: None
Submitted on: Wed 01 Apr 2020 11:48:34 PM UTC
Category: Feature Request
Severity: 3 - Normal
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Originator Name: Michael Clark
Originator Email: address@hidden
Open/Closed: Open
Release: 1.20
Discussion Lock: Any
Operating System: GNU/Linux
Reproducibility: Every Time
Fixed Release: None
Planned Release: None
Regression: No
Work Required: None
Patch Included: No
_______________________________________________________
Details:
When using `wget` to connect to an Apache server which I believe lacks the
`SSLCertificateChainFire` directive (www.xocolatl.com; I've contacted the
server administrator to request a fix, so might not work indefinitely) using a
Let's Encrypt certificate, `wget` reports (from running `wget
https://www.xocolatl.com/`):
> ERROR: The certificate of ‘www.xocolatl.com’ is not trusted.
> ERROR: The certificate of ‘www.xocolatl.com’ doesn't have a known
issuer.
The site works fine in Chrome on Linux, and other sites using Let's Encrypt
certificates work fine on my machine using `wget`.
https://www.ssllabs.com/ssltest/analyze.html?d=www.xocolatl.com&s=116.202.171.177
shows that the intermediate certificate requires an extra download, and
https://discussions.qualys.com/thread/12098 reports essentially the same
issue.
What I expected: `wget` would connect to the server and get the page as usual,
as works in my browser.
Can we make `wget` do the same as browsers, and fetch intermediate
certificates? How difficult would that be?
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Wed 01 Apr 2020 11:48:34 PM UTC Name: wget-d-xocolatl.com.txt Size:
776B By: None
Debug output
<http://savannah.gnu.org/bugs/download.php?file_id=48730>
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?58097>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
- [bug #58097] Wget doesn't download intermediate certificates when not supplied in the response,
anonymous <=