Attempting CWAF install & wget issue

Peter Laws

Verified User
Joined
Sep 13, 2008
Messages
1,768
Location
London UK
I get this with wget (and CB2.0)
Code:
--2018-07-22 11:08:49--  https://waf.comodo.com/api/da_vendor?file=cwaf_rules-1.172.tgz
Resolving waf.comodo.com (waf.comodo.com)... 91.209.196.88
Connecting to waf.comodo.com (waf.comodo.com)|91.209.196.88|:443... connected.
ERROR: The certificate of `waf.comodo.com' is not trusted.
ERROR: The certificate of `waf.comodo.com' hasn't got a known issuer.
I get this on a Debian 7 system only..... Does this mean the CA root is missing? apt-get did remove a lot of root/cacerts in the recent update. :confused:

However, curl works fine.

Anyone seen this before?

EDIT:

NB. I can wget other sites with ssl.
 
Last edited:

Peter Laws

Verified User
Joined
Sep 13, 2008
Messages
1,768
Location
London UK
Well, it removed a lot from the directory itself after recent update..... So, not sure what I can do...... A bit weird that curl works though.
 

Peter Laws

Verified User
Joined
Sep 13, 2008
Messages
1,768
Location
London UK
I can confirm this is a Wheezy issue (used a test box), I understand it's EOL but it's only to comodo it fails.

Anyone here have a Wheezy box still? Can you try a wget to waf.comodo.com....
 

Peter Laws

Verified User
Joined
Sep 13, 2008
Messages
1,768
Location
London UK
This was due to the wget version, we need v1.16


Code:
$ wget http://ftp.gnu.org/gnu/wget/wget-1.16.tar.gz
$ tar -xvf wget-1.16.tar.gz
$ cd wget-1.16/
$ ./configure --with-ssl=openssl --prefix=/opt/wget
$ make
$ make install
$ mv /usr/bin/wget /usr/bin/bkp_wget
$ ln -s /opt/wget/bin/wget /usr/bin/wget
$ wget -V
 
Top