Getting error 60 of curl to cygwin setup
J M
cesarjorgemartinez@gmail.com
Tue Mar 19 13:00:33 GMT 2024
Hi,
Send data recollected:
- Its strange that, I need to install curl and ca-certificates-letsencrypt,
houldn't they be within the default packages?
- The terminal is the default Cygwin64 Terminal.
Repeated two /usr/bin/curl:
$ which -a curl
/usr/bin/curl
/cygdrive/c/WINDOWS/system32/curl
/usr/bin/curl
$ curl -V
curl 8.6.0 (x86_64-pc-cygwin) libcurl/8.6.0 OpenSSL/3.0.13 zlib/1.3.1
brotli/1.1.0 zstd/1.5.5 libidn2/2.3.7 libpsl/0.21.5 libssh2/1.11.0
nghttp2/1.60.0 libgsasl/2.2.1 OpenLDAP/2.6.7
Release-Date: 2024-01-31
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs
ipns ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet
tftp
Features: alt-svc AsynchDNS brotli gsasl GSS-API HSTS HTTP2 HTTPS-proxy IDN
IPv6 Kerberos Largefile libz NTLM PSL SPNEGO SSL threadsafe TLS-SRP
UnixSockets zstd
$ cygcheck -c ca-certificates ca-certificates-letsencrypt curl cygwin \
libbrotlidec1 libcurl4 libgsasl18 libgssapi_krb5_2 libidn2_0 libnghttp2_14 \
libopenldap2 libpsl5 libssh2_1 libssl3 libzstd1 zlib0
Cygwin Package Information
Package Version Status
ca-certificates 2023.2.62_v7.0.401-2 OK
ca-certificates-letsencrypt 2023.2.62_v7.0.401-2 OK
curl 8.6.0-1 OK
cygwin 3.5.1-1 OK
libbrotlidec1 1.1.0-1 OK
libcurl4 8.6.0-1 OK
libgsasl18 2.2.1-1 OK
libgssapi_krb5_2 1.15.2-2 OK
libidn2_0 2.3.7-1 OK
libnghttp2_14 1.60.0-1 OK
libopenldap2 2.6.7-1 OK
libpsl5 0.21.5-1 OK
libssh2_1 1.11.0-1 OK
libssl3 3.0.13-1 OK
libzstd1 1.5.5-1 OK
zlib0 1.3.1-1 OK
$ cat ca-certificates.sh.done
if [ ! -e "/etc/pki/ca-trust/ca-legacy.conf" ]
then
/usr/bin/mkdir -p "/etc/pki/ca-trust"
/usr/bin/cp "/etc/defaults/etc/pki/ca-trust/ca-legacy.conf"
"/etc/pki/ca-trust/ca-legacy.conf"
else
if [ -f /etc/pki/ca-trust/ca-legacy.conf -a -x /usr/bin/diff ]
then
/usr/bin/mkdir -p "/var/cache/setup/etc/pki/ca-trust"
/usr/bin/rm -f
"/var/cache/setup//etc/pki/ca-trust/ca-legacy.conf.diff"
/usr/bin/diff -wut "/etc/pki/ca-trust/ca-legacy.conf"
"/etc/defaults/etc/pki/ca-trust/ca-legacy.conf" >
"/var/cache/setup//etc/pki/ca-trust/ca-legacy.conf.diff" ||
echo "Defaults for /etc/pki/ca-trust/ca-legacy.conf differ
from actual file, please check
/var/cache/setup//etc/pki/ca-trust/ca-legacy.conf.diff"
fi
fi
/usr/bin/ca-legacy install
/usr/bin/update-ca-trust
$ cat ca-certificates-letsencrypt.sh.done
# p11kit / update-ca-trust leaves the directory unwritable
chmod u+w /etc/pki/ca-trust/extracted/pem/directory-hash
/usr/bin/ln -s /usr/share/pki/letsencrypt/isrg-intermediate-r3.pem
/usr/share/pki/ca-trust-source/anchors/
/usr/bin/ln -s /usr/share/pki/letsencrypt/trustid-root-x3.pem
/usr/share/pki/ca-trust-source/blacklist
/usr/bin/update-ca-trust
$ curl -vvvv -O https://cygwin.com/setup-x86_64.exe
% Total % Received % Xferd Average Speed Time Time Time
Current
Dload Upload Total Spent Left
Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--
0* Host cygwin.com:443 was resolved.
* IPv6: (none)
* IPv4: 8.43.85.97
* Trying 8.43.85.97:443...
* Connected to cygwin.com (8.43.85.97) port 443
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
* CApath: none
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--
0{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [70 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [1023 bytes data]
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
} [2 bytes data]
* SSL certificate problem: unable to get local issuer certificate
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:--
0
* Closing connection
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Regards
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Libre
de virus.www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
El lun, 18 mar 2024 a las 23:19, Brian Inglis via Cygwin (<cygwin@cygwin.com>)
escribió:
> On 2024-03-18 15:21, J M via Cygwin wrote:
> > With a fresh install of Cygwin then I launch (with package curl
> installed):
> >
> > curl -O https://www.cygwin.com/setup-x86_64.exe
> >
> > Shows a curl 60 error ssl problem.
> > Using -k or --insecure works, but is not recomended.
> > Howto fix it?
>
> WJFFM!
>
> That error implies that the version of curl you are running or the
> certificate
> store you are using does not include the Let's Encrypt CA used by
> Cygwin.com.
>
> From what shell do you launch curl?
>
> Please run:
>
> which -a curl
>
> and ensure that /usr/bin/curl precedes /cygdrive/c/WINDOWS/system32/curl
> then
> run:
>
> $ curl -V
> curl 8.6.0 (x86_64-pc-cygwin) libcurl/8.6.0 OpenSSL/3.0.13 zlib/1.3.1
> brotli/1.1.0 zstd/1.5.5 libidn2/2.3.7 libpsl/0.21.5 libssh2/1.11.0
> nghttp2/1.60.0 libgsasl/2.2.1 OpenLDAP/2.6.7
> Release-Date: 2024-01-31
> Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs
> ipns
> ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
> Features: alt-svc AsynchDNS brotli gsasl GSS-API HSTS HTTP2 HTTPS-proxy
> IDN IPv6
> Kerberos Largefile libz NTLM PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets
> zstd
>
> and check you get the same output as above, then run:
>
> cygcheck -c ca-certificates ca-certificates-letsencrypt curl cygwin \
> libbrotlidec1 libcurl4 libgsasl18 libgssapi_krb5_2 libidn2_0 libnghttp2_14
> \
> libopenldap2 libpsl5 libssh2_1 libssl3 libzstd1 zlib0
>
> and ensure all packages show Status OK.
>
> If that is the case, please follow the problem reporting guidelines below,
> and
> attach the output from running
>
> cygcheck -hrsv > cygcheck-hrsv.log
>
> as a text attachment to your reply.
>
> --
> Take care. Thanks, Brian Inglis Calgary, Alberta, Canada
>
> La perfection est atteinte Perfection is achieved
> non pas lorsqu'il n'y a plus rien à ajouter not when there is no more to
> add
> mais lorsqu'il n'y a plus rien à retirer but when there is no more to
> cut
> -- Antoine de Saint-Exupéry
>
> --
> Problem reports: https://cygwin.com/problems.html
> FAQ: https://cygwin.com/faq/
> Documentation: https://cygwin.com/docs.html
> Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cygcheck-hrsv.log
Type: application/octet-stream
Size: 35874 bytes
Desc: not available
URL: <https://cygwin.com/pipermail/cygwin/attachments/20240319/8f3d7703/attachment-0001.obj>
More information about the Cygwin
mailing list