0
点赞
收藏
分享

微信扫一扫

Centos SSL 过期问题三个解决方案


解决方案地址: http://www.megaleecher.net/SSL_Certificate_Verification_Error_in_Linux#axzz3P9axfRfp

 

返回错误信息如下:

fatal: unable to access 'https://github.com/gmarik/Vundle.vim.git/': SSL certificate problem, verify that the CA cert is OK. Details:

error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

 

 

 

The reason for the error is older version of CentOS 5.XX having expired certificate authority bundles, the root certificate bundle is located at :



/etc/pki/tls/certs/ca-bundle.crt



.

Solution One : Disable SSL for Github (Fastest)
Execute the command



git config --system http.sslVerify false



on console and retry connecting, this will simply bypass the SSL verification. Do mind that this can be dangerous from security point of view, SSL signature verification exists to safeguard against man in the middle attacks and this disables that safety feature. Use only when other solution's shared below does not work.




Centos SSL 过期问题三个解决方案_linux


Solution Two : Update the CA certificate bundle (Recommended)
Use


yum update openssl


or equivalent command to get the latest version of OpenSSL library which will renew the working set of CA certificates (ca-bundle.crt).

Solution Three : Replace the old CA certificate's using cURL
Use curl and replace the certificate bundle with new ones using


curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt


Read more: ​​Fixing the "error: SSL certificate problem, verify that the CA cert is OK" Error On Linux | Megaleecher.Net​​​ ​​http://www.megaleecher.net/SSL_Certificate_Verification_Error_in_Linux#ixzz3P9bZrWZi​​

举报

相关推荐

0 条评论