Bug #3691: Fetch error on HTTPS console update by URL - pfSense - pfSense bugtracker

Actions

Copy link

Bug #3691

closed

Fetch error on HTTPS console update by URL

Added by Jim Pingle over 10 years ago. Updated over 9 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Upgrade

Target version:

2.2

Start date:

06/04/2014

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

2.2

Affected Architecture:

All

Description

When performing a console update by URL from an HTTPS URL, fetch displays an error validating the certificate.

Fetching file...
looking up snapshots.pfsense.org
connecting to snapshots.pfsense.org:443
SSL options: 81004bff
Peer verification enabled
Using CA cert file: /etc/ssl/cert.pem
Certificate verification failed for /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - G2
34380912584:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:/usr/pfSensesrc/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_clnt.c:1167:
fetch: https://snapshots.pfsense.org/FreeBSD_stable/10//amd64/pfSense_HEAD/.updaters//latest.tgz: Authentication error

It appears to not know where the CA is, as this works when run manually

fetch --ca-cert=/usr/local/share/certs/ca-root-nss.crt https://snapshots.pfsense.org/FreeBSD_stable/10//amd64/pfSense_HEAD/.updaters//latest.tgz

Switching that to CURL may be better long-term.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #3691

Fetch error on HTTPS console update by URL

Updated by Chris Buechler over 10 years ago

Updated by Renato Botelho over 10 years ago

Updated by Renato Botelho over 10 years ago

Updated by Renato Botelho over 10 years ago

Updated by Willy Tenner over 9 years ago