6

Is there any way to disable SSL verification at installing some packages?

I found how to add my certificate in trusted certificates, but I'd rather do disable this checking.

I need it to avoid following error:

SSL routines:tls_process_server_certificate:certificate verify failed
β.εηοιτ.βε
  • 33,893
  • 13
  • 69
  • 83
Sardorkhuja Tukhtakhodjaev
  • 83
  • 1
  • 1
  • 4

2 Answers2

13

If you use an http mirror of the packet repository rather than an https version of it, then you won't have any SSL verification.

So, you could, for example do:

apk add \
  --no-cache \
  --allow-untrusted \
  --repository http://dl-cdn.alpinelinux.org/alpine/v3.15/main \
  alpine-sdk

To find the right package repository for your version of Alpine, you have a look in the file /etc/apk/repositories.

Here is, for example, the content of the file for the Alpine 3.15 image:

https://dl-cdn.alpinelinux.org/alpine/v3.15/main
https://dl-cdn.alpinelinux.org/alpine/v3.15/community
β.εηοιτ.βε
  • 33,893
  • 13
  • 69
  • 83
  • 2
    It doesn't work so, because if we read description of the _allow-untrusted_ switch it says: `--allow-untrusted Install packages with untrusted signature or no signature` It has no connection with SSL verification during package fetching – Kakash1hatake Apr 12 '22 at 16:12
  • And the [issue](https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10650) in Apline repo is still opened – Kakash1hatake Apr 12 '22 at 16:17
  • Didn't work for me, because the `fetch` command gets redirected to https immediately. – Trinimon Jun 21 '23 at 12:51
2

There was an issue raised in the alpine project. This was solved by adding a new parameter, --no-check-certificate

Just add the flag to your update and add commands, e.g

RUN apk update --no-check-certificate && apk add --no-check-certificate curl bash
Chen A.
  • 10,140
  • 3
  • 42
  • 61