been trying for quite some time to get this working.
The system is behind a corporate proxy which has its own CA certificates. I'm no pro at SSL/TLS stuff, so my knowledge is quite narrow. It seems I'm pretty stuck at this point.
Assuming the proxy is: proxy.b.c:123
> cat /etc/profile.d/proxy.sh
export http_proxy=http://proxy.b.c:123
export https_proxy=https://proxy.b.c:123
export ftp_proxy=http://proxy.b.c:123
export no_proxy="localhost,127.0.0.1,localaddress,.someother.b.c
Trying the following:
> curl http://google.com
WORKS!
> wget http://google.com
WORKS!
I have exported the corporate certificates from Firefox CA list (as described here), moved them to /usr/local/share/ca-certificates/ and ran:
> update-ca-certificates
> dpkg-reconfigure ca-certificates
However:
> curl https://google.com
curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
> wget https://google.com
Resolving proxy.b.c (proxy.b.c)...
Connecting to proxy.b.c ... connected.
Proxy request sent, awaiting response... 302 Found
Location: https://www.google.de/?... [following]
Connecting to proxy.b.c ... connected.
ERROR: The certificate of 'www.google.de' is not trusted.
ERROR: The certificate of 'www.google.de' hasn't got a known issuer.
Using openssl so far has not revealed anything helpful to me
> openssl s_client -connect google.de:443
# This takes very long .... and finally the following appears
140081117181184:error:0200206E:system library:connect:Connection timed out:../crypto/bio/b_sock2.c:108:
140081117181184:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:109:
140081117181184:error:02002065:system library:connect:Network is unreachable:../crypto/bio/b_sock2.c:108:
140081117181184:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:109:
connect:errno=101
Any ideas what I could try? I'm pretty lost
