Tag: certificate

How To: Make ‘wget’ Ignore Certificate Errors

In today’s article, we’ll learn how to make ‘wget’ ignore certificate errors. It’s an easy thing to do and can be pretty useful if you want to download stuff from a server with a broken or missing security certificate. It’s a simple process, one which even a new Linux user can follow – but it’s not one that comes up all that often and so it’s worth including here.

I’d like to save some time and not duplicate work, so I’d appreciate it greatly if you at least read the intro section from when I wrote how to make ‘curl’ ignore certificate errors.

That’s right, I’ve already written this article – except it was for ‘curl‘ and not for ‘wget’.  Well, this article is pretty much the same thing, except we’re talking about doing it with ‘wget’. So, read the intro to the curl article and you’ll be up to speed with regards to what a certificate is, why they’re important, and why you might want to ignore certificate errors.

That’ll save some time! Those of you who do not read the ‘curl’ article are on your own. Also, many of my readers will already know about security certificates and won’t need a tutorial or refresher course. 

By the way, we use SSL here on Linux Tips. In fact, we use HSTS Preload, which means it’s hard coded in Chromium browsers (or at least Chrome) and the site will simply refuse to load without a proper certificate. So, there’s that… I take security pretty seriously, something important when you’re using WordPress.

Make ‘wget’ Ignore Certificate Errors:

This article requires ‘wget’ which requires an open terminal. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open. If ‘wget’ isn’t installed, install it. I am pretty darned confident that it’s in your default repositories.

If you don’t know, ‘wget’ is used to download stuff from servers – while  you’re using your terminal. It’s a basic concept, but the command can be pretty complicated. After all, there are some pretty complicated site structures out there, and of course your downloading needs will vary.

So, with that said, it’s really easy to do this. You’ll just use the “--no-check-certificate” flag, like so:

But wait, there’s more! You can actually make the ‘wget’ command ignore certificate errors all the time. If this is something you find yourself needing to add this to your ‘wget’ commands often, you can make it permanent. To do that, you just need to edit your ~/.wgetrc file (create it, if it doesn’t exist) with the following:

You won’t have to reload anything, that command should take effect the very next time you use the ‘wget’ command and you should now permanently be ignoring security certificate errors. 

Doing this might actually be a horrible idea. After all, you’re ignoring security warnings. That’s a bit like ignoring a ‘Bridge Closed’ sign and hoping for the best as you gun it to the tune of “Highway To The Danger Zone”. Or, it could be just fine ’cause not everything even needs a security certificate! It’s Linux. You get to decide.

Closure:

Whelp… You have a new article. In this one, I give you what could be horrible advice. You might not want to make ‘wget’ ignore certificate errors. I mean, they are security related. On the other hand, it’s likely just fine – assuming you do some basic verification. Ah well… I ain’t scared and it’s not my computer. I’ll happily teach you how to completely break your system. I ain’t scared.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

How To: Make ‘curl’ Ignore Certificate Errors

In today’s article, we’re going to learn how to make ‘curl’ ignore certificate errors. If you do a lot of ‘curl’ing, this is something you’ll want to know. It’s not a dreadfully difficult task to ignore certificate errors, just a couple of options, but we might as well learn them both today.

We have previously covered the curl command, though the article only touched the surface – covering the basics that a regular Linux user might want to know. If you’re unfamiliar with curl, it’s a tool that’s used to transfer data to or from a server. It defines itself as a tool that you use to ‘transfer a URL’ and it’s an expansive application, with myriad options only a true guru would need or want to know.

What we haven’t really covered much is SSL and certificates. Briefly, SSL stands for “Secure Sockets Layer” and means that there’s a secure connection between you and the site. The certificate contains information like the URL and IP address – and is the confirmation used in the secure socket layer. Meaning, the certificate matches the site and this confirmation is what lets you use SSL without any warnings. Any break in the chain should throw an error up on your screen about a broken or missing certificate.

But, what if you still need that information? What if that data is essential? If the certificate is broken then curl will throw an error and not complete the transfer. It’s for this reason that you’ll want to learn how to …

Make ‘curl’ Ignore Certificate Errors:

Obviously, curl is an application used in the terminal, so this article requires an open terminal. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

These days, everything is expected to have a security certificate and SSL. Even this site has one, as you can tell by the https:// in the URL. Some folks want them for everything on the web, but I’d contend not every site really needs to have one – especially sites that aren’t interactive and don’t collect personal information. But, I have one and would have one regardless – simply because we do exchange some personal information (like email addresses) and I want folks to know we take security seriously.

Moving on…

The syntax is simple and, again, we’re only tackling part of the curl application. It’s simply too large a program, with too many variables, to cover it all in just one article. You basically have two choices:

And the other option is:

Either of those will let  you make curl ignore certificate errors, allowing  you to fetch whatever it is you were after. I suppose you should be careful with this, always verifying what you fetch is what you were actually after. Be extra careful to ensure the address is the one intended, of course. Just practice some careful scrutiny and you’re likely to be just fine.

Closure:

Yup. Another article. This one will help you use curl and to ignore certificate errors. It’s especially useful if you use curl a great deal. If not, stick it in the back of your memory banks and recall it when you do end up needing it. You never know when a tool like this will come in handy.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Subscribe To Our Newsletter
Get notified when new articles are published! It's free and I won't send you any spam.
.
Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.