例如,运行wget https://www.dropbox.com会出现以下错误:
ERROR: The certificate of `www.dropbox.com' is not trusted.
ERROR: The certificate of `www.dropbox.com' hasn't got a known issuer.
例如,运行wget https://www.dropbox.com会出现以下错误:
ERROR: The certificate of `www.dropbox.com' is not trusted.
ERROR: The certificate of `www.dropbox.com' hasn't got a known issuer.
当前回答
在我的例子中,在树莓派3B上,时间是在未来(2025年),我需要使用ntpdate通过将时间传递到过去来更新到当前的本地时间,它解决了这个问题。
$ sudo date +%Y%m%d -s "20210101"
$ sudo ntpdate times1.mike.fi
其他回答
只做
apt-get install ca-certificate
如果问题是一个已知的根CA缺失,并且当你使用ubuntu或debian时,那么你可以用这一行来解决问题:
sudo apt-get install ca-certificates
首先,需要安装SSL证书。说明(基于https://stackoverflow.com/a/4454754/278488):
pushd /usr/ssl/certs
curl http://curl.haxx.se/ca/cacert.pem | awk 'split_after==1{n++;split_after=0} /-----END CERTIFICATE-----/ {split_after=1} {print > "cert" n ".pem"}'
c_rehash
以上已经足够修复curl了,但是wget需要一个额外的符号链接:
ln -sT /usr/ssl /etc/ssl
如果您不关心检查证书的有效性,只需在wget命令行上添加——no-check-certificate选项。这对我来说很有效。
注意:这将使您容易受到中间人(MitM)攻击,不建议在任何您关心安全性的情况下使用。
We just had this same issue come up when we installed a newly minted certificate just this last week. I've also seen it two other times...yet I'm slow to learn. In all 3 cases I had to get the "intermediate certificates" and install them. In other words My cert was good but it's signer or it's signer's signer wasn't correctly installed. Make sure you go to your certificate provider's site and get the correct intermediate certificates and install them as well on your server and then this warning will go away.
可能不仅仅是上面的原因,也可能是客户没有更新列表……但我会确保这不仅仅是你没有完全安装正确的证书,然后再到客户端,并确保他们的列表更新。