Question

SSL certificate error to download packages

  • 10 January 2024
  • 1 reply
  • 114 views
R
Userlevel 1
Badge +5

Hello,

I am trying to download the repos from centreon packages website and I am getting the below error.

 

[root@ certs]# curl -vvv https://packages.centreon.com
* Uses proxy env variable https_proxy == 'http://10.10.253.14:8080'
*   Trying 10.10.253.14:8080...
* Connected to 10.10.253.14 port 8080 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to packages.centreon.com:443
> CONNECT packages.centreon.com:443 HTTP/1.1
> Host: packages.centreon.com:443
> User-Agent: curl/7.76.1
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
< Proxy-Agent: Fortinet-Proxy/1.0
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: self-signed certificate in certificate chain
* Closing connection 0
curl: (60) SSL certificate problem: self-signed certificate in certificate chain
More details here: https://curl.se/docs/sslcerts.html

 

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
[root@vbvastefcentr01 certs]#

 

Do I need to install the self signed certificate for Centreon packages? If yes, where can I get it?

1 reply

ponchoh
Rank
Userlevel 4
Badge +13

Hello

 

Update the CA’s? is the proxy OK?

 

 curl -vvv https://packages.centreon.com

*   Trying 52.49.160.245:443...
* Connected to packages.centreon.com (52.49.160.245) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=packages.centreon.com
*  start date: Mar 27 00:00:00 2023 GMT
*  expire date: Apr 26 23:59:59 2024 GMT
*  subjectAltName: host "packages.centreon.com" matched cert's "packages.centreon.com"
*  issuer: C=FR; ST=Paris; L=Paris; O=Gandi; CN=Gandi Standard SSL CA 2
*  SSL certificate verify ok.

 

 

Reply


Terms & ConditionsCookie settings