6

My problem is simple, only look the screenshot:

Elinks Issue

**For tired eyes:

-bash-4.1$ cat /etc/*release
LSB_VERSION=base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Red Hat Enterprise Linux Server release 6.6 (Santiago)
Red Hat Enterprise Linux Server release 6.6 (Santiago)
-bash-4.1$
-bash-4.1$
-bash-4.1$ elinks -version
ELinks 0.12pre5
Built on Jan  4 2013 07:04:04

Features:
Standard, IPv6, gzip, bzip2, UTF-8, Periodic Saving, Viewer (Search
History, Timer, Marks), Cascading Style Sheets, Protocol
(Authentication, BitTorrent, File, FTP, HTTP, URI rewrite, User
protocols), SSL (OpenSSL), MIME (Option system, Mailcap, Mimetypes
files), LED indicators, Bookmarks, Cookies, Form History, Global
History, Goto URL History
-bash-4.1$
-bash-4.1$
-bash-4.1$ elinks -dump -eval 'set connection.ssl.cert_verify = 1' https://10.113.1.104:443/sgc/registro2.asp
ELinks: SSL error
-bash-4.1$
-bash-4.1$
-bash-4.1$ elinks -dump -eval 'set connection.ssl.cert_verify = 0' https://10.113.1.104:443/sgc/registro2.asp
ELinks: SSL error
-bash-4.1$

I don't understand why elinks still shows the error SSL. Any idea?

Andrés
  • 175
  • 1
  • 3
  • 9
  • 2
    Tired eyes cannot see the screenshot. And the site and search engines cannot index the relevant text. Please add the text to the question (its OK to keep the picture, but we need the text). – jww Dec 30 '14 at 00:14
  • @jww done, look now. – Andrés Dec 30 '14 at 19:18

2 Answers2

9

You may configure elinks to ignore SSL verification: edit elinks.conf and change the connection.ssl.cert_verify setting to 0, then restart elinks.


set connection.ssl.cert_verify = 0
jottr
  • 3,256
  • 3
  • 29
  • 35
UTCWebDev
  • 193
  • 2
  • 6
  • 2
    i know it should probably be obvious, but the location of that file would be helpful to us noobs – jrich523 Apr 12 '17 at 21:12
  • 2
    jrich, the location is usually /etc/elinks.conf on RHEL Linux + downstream versions. – UTCWebDev May 10 '17 at 18:53
  • 19
    FWIW, the file is `~/.elinks/elinks.conf` (and doesn't exist by default) and the syntax is `set connection.ssl.cert_verify = 0` – this is very poorly documented. – Arkku Dec 17 '17 at 12:56
0

First make sure

  1. your server is indeed listening to port 443 and
  2. it receives/sends traffic from/to that port.

Also check the key length for your server (10.113.1.104) certificate; it might very be that elinks expects 2048-bit keys while your certificate key length is less than that:

$ echo | openssl s_client -connect 10.113.1.104:443 2>/dev/null | openssl x509 -text -noout | grep "Public-Key"
  • This is the answer: Public-Key: (1024 bit), what i can do? – Andrés Dec 30 '14 at 19:31
  • See what the same command gives, without grep: `echo | openssl s_client -connect 10.113.1.104:443 2>/dev/null | openssl x509 -text -noout`. You'll then have a complete certificate dump. Check if the certificate is self-signed, for instance. –  Jan 09 '15 at 21:30
  • Yep, the certificate is self-signed. – Andrés Jan 10 '15 at 23:16
  • Self-signed certificates by definition may not be verified. There should be an option to accept self-signed certificates but that would go against security enforcement... unless for development purposes. If elinks has no such option you'll have to create a certificate coming from either a globally recognized certification authority or an internal certification authority of your own. In the latter case you'll have to add the internal certification authority's certificate to elinks' list of CA certificates somehow. –  Jan 11 '15 at 11:48