Mailing List Archive

I'm not sure this will help, but can you try using the CURL_CA_BUNDLE environment variable to see if that helps?

Ex:

CURL_CA_BUNDLE=/usr/local/share/ca-certificates/cert.crt freshclam

https://docs.clamav.net/faq/faq-freshclam.html?highlight=curl_#problem-with-the-ssl-ca-cert

Regards,
Micah

Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.

________________________________
From: clamav-users <clamav-users-bounces@lists.clamav.net> on behalf of Petr Nov?k via clamav-users <clamav-users@lists.clamav.net>
Sent: Monday, April 3, 2023 7:23 AM
To: clamav-users@lists.clamav.net <clamav-users@lists.clamav.net>
Cc: Petr Nov?k <larryn13@gmail.com>
Subject: [clamav-users] ssl peer certificate or ssh remote key was not ok

Hi guys,

I have an issue with freshclam.

We are setting up freshclam clients (Debian 11) which are downloading database via private mirror which is using HTTPS. When I tried to use freshclam on my Windows client, it worked, but on my Debian Client, I get error message "ssl peer certificate or ssh remote key was not ok".

I imported my private mirror's SSL certificate via this method:
cp cert.crt /usr/local/share/ca-certificates/
update-ca-certificates

But even after this, the error still persists.

Is there any way to make this work? I am a beginner in Linux, so I don't really know what to do next.

Thanks

Hello Micah,

Thank you for your reply.

Unfortunately, when I use the CURL_CA_BUNDLE variable, I get a different
error:
Message: Problem with the SSL CA cert (path? access rights?

Is there something I did wrong when I imported the certificate from my
Windows private mirror?

Thanks!

po 3. 4. 2023 v 19:57 odesílatel Micah Snyder (micasnyd) <micasnyd@cisco.com>
napsal:

> I'm not sure this will help, but can you try using the CURL_CA_BUNDLE
> environment variable to see if that helps?
>
> Ex:
>
> CURL_CA_BUNDLE=/usr/local/share/ca-certificates/cert.crt freshclam
>
>
> https://docs.clamav.net/faq/faq-freshclam.html?highlight=curl_#problem-with-the-ssl-ca-cert
>
> Regards,
> Micah
>
> Micah Snyder
> ClamAV Development
> Talos
> Cisco Systems, Inc.
>
> ------------------------------
> *From:* clamav-users <clamav-users-bounces@lists.clamav.net> on behalf of
> Petr Novák via clamav-users <clamav-users@lists.clamav.net>
> *Sent:* Monday, April 3, 2023 7:23 AM
> *To:* clamav-users@lists.clamav.net <clamav-users@lists.clamav.net>
> *Cc:* Petr Novák <larryn13@gmail.com>
> *Subject:* [clamav-users] ssl peer certificate or ssh remote key was not
> ok
>
> Hi guys,
>
> I have an issue with freshclam.
>
> We are setting up freshclam clients (Debian 11) which are downloading
> database via private mirror which is using HTTPS. When I tried to use
> freshclam on my Windows client, it worked, but on my Debian Client, I get
> error message "ssl peer certificate or ssh remote key was not ok".
>
> I imported my private mirror's SSL certificate via this method:
> cp cert.crt /usr/local/share/ca-certificates/
> update-ca-certificates
>
> But even after this, the error still persists.
>
> Is there any way to make this work? I am a beginner in Linux, so I don't
> really know what to do next.
>
> Thanks
>