从 Ubuntu 16 更新到 18 后,wget 停止工作(以及其它东西),而 curl 正常工作。
$ curl -v https://google.com
...
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google LLC; CN=*.google.com
* start date: Jul 29 17:24:58 2019 GMT
* expire date: Oct 27 17:24:58 2019 GMT
* subjectAltName: host "google.com" matched cert's "google.com"
* issuer: C=US; O=Google Trust Services; CN=GTS CA 1O1
* SSL certificate verify ok.
...
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.com/">here</A>.
</BODY></HTML>
$ wget https://google.com
--2019-08-18 20:31:03-- https://google.com/
Resolving google.com (google.com)... 172.217.13.110, 2607:f8b0:4020:804::200e
Connecting to google.com (google.com)|172.217.13.110|:443... connected.
ERROR: cannot verify google.com's certificate, issued by ‘CN=GTS CA 1O1,O=Google Trust Services,C=US’:
Unable to locally verify the issuer's authority.
To connect to google.com insecurely, use `--no-check-certificate'.
编辑:
到目前为止我已经尝试过:
- 使用
sudo wget https://google.com - 以 root 身份运行
sudo su; wget https://google.com - 重新安装
apt-get purge wget; apt-get install wget
答案1
它应该找到 google 的根证书。所以有些不对劲,请尝试:
sudo apt 安装 ca 证书
或者
sudo apt 重新安装 ca 证书
但是其他一些根证书默认不存在(至少在我的 20.04 上)
wget --ca-certificate=<ca-root.crt> https://....
您可以从证书供应商网站获取根证书