ssl problem
- Thread starter lisas4567
- Start date
Hi there sharpie,
I have encountered this problem myself. It was primarily the coding on the site I was downloading from. It has since been rectified
.Here is a link I used to get round it whilst the coding was being sorted. It will probably differ slightly depending on the OS you are using, but the principle is the same. I hope this helps.
http://evcz.tk/blog/2008/10/24/centos-import-ssl-certificate/
Attachments
you need to look more into something like this my friend:
https://bbs.archlinux.org/viewtopic.php?id=41721
https://bbs.archlinux.org/viewtopic.php?id=41721
This is want i do to make it works on my debian/ubuntu server :
We need openssl :
Code:
aptitude install openssl
(you can use apt-get if you want to)
We create a certs directory for a specific user :
Code:
mkdir /home/SOMEUSER/certs
We create the script :
Code:
nano import.cert.sh
Copy and PAste :
Code:
#!/bin/sh
SITE=somesite.tld
USER=someuser
openssl s_client -connect $SITE:443 < /dev/null 2>/dev/null | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' >> /home/$USER/certs/$SITE.crt
openssl x509 -in /home/$USER/certs/$SITE.crt -out /home/$USER/certs/$SITE.der -outform DER
openssl x509 -in /home/$USER/certs/$SITE.der -inform DER -out /home/$USER/certs/$SITE.pem -outform PEM
c_rehash
chown -R $USER:$USER /home/$USER/certs/
unset SITE
unset USER
Make it executable :
Code:
chmod +x import.cert.sh
Run it :
Code:
./import.cert.sh
Now we need to say to rtorrent where looking for CA. If you use a script to load rtorrent, simple add this as extra command :
Code:
# set of options to run with
options=-o http_capath=/home/SOMEUSER/certs
If can't do this you need to change your script by your own. Else execute rtorrent like this :
Code:
rtorrent -o http_capath=/home/SOMEUSER/certs
We need openssl :
Code:
aptitude install openssl
(you can use apt-get if you want to)
We create a certs directory for a specific user :
Code:
mkdir /home/SOMEUSER/certs
We create the script :
Code:
nano import.cert.sh
Copy and PAste :
Code:
#!/bin/sh
SITE=somesite.tld
USER=someuser
openssl s_client -connect $SITE:443 < /dev/null 2>/dev/null | sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' >> /home/$USER/certs/$SITE.crt
openssl x509 -in /home/$USER/certs/$SITE.crt -out /home/$USER/certs/$SITE.der -outform DER
openssl x509 -in /home/$USER/certs/$SITE.der -inform DER -out /home/$USER/certs/$SITE.pem -outform PEM
c_rehash
chown -R $USER:$USER /home/$USER/certs/
unset SITE
unset USER
Make it executable :
Code:
chmod +x import.cert.sh
Run it :
Code:
./import.cert.sh
Now we need to say to rtorrent where looking for CA. If you use a script to load rtorrent, simple add this as extra command :
Code:
# set of options to run with
options=-o http_capath=/home/SOMEUSER/certs
If can't do this you need to change your script by your own. Else execute rtorrent like this :
Code:
rtorrent -o http_capath=/home/SOMEUSER/certs
