Need an option to ignore check the self-signed certificate behind http proxy

Asked by 灬猜想灬 on 2016-06-16

Need an option to ignore check the self-signed certificate behind http proxy

I'm using snap in company local network, must connect internet by http proxy,

# snap login ?????@?????.com
Password:
error: cannot get package access macaroon from store: Post https://myapps.developer.ubuntu.com/api/2.0/acl/package_access/: x509: certificate signed by unknown authority

# curl -i -k -X POST https://myapps.developer.ubuntu.com/api/2.0/acl/package_access/
HTTP/1.0 200 Connection established

# snap find hello
error: cannot list snaps: Get https://search.apps.ubuntu.com/api/v1/search?fields=anon_download_url%2Carchitecture%2Cchannel%2Cdownload_sha512%2Csummary%2Cdescription%2Cbinary_filesize%2Cdownload_url%2Cicon_url%2Clast_updated%2Cpackage_name%2Cprices%2Cpublisher%2Cratings_average%2Crevision%2Csnap_id%2Csupport_url%2Ctitle%2Ccontent%2Cversion%2Corigin%2Cprivate%2Cconfinement&q=hello: x509: certificate signed by unknown authority

Is there one option like wget --no-check-certificate or curl -k

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu snapd Edit question
Assignee:
No assignee Edit question
Last query:
2016-06-16
Last reply:
2016-06-16

man wget
man curl

Will tell you the options of both commands.

Are you a home user or are you in a corporate network?

灬猜想灬 (joecc) said : #3

i'm in a corporate network

i want to use snap client like wget/curl to ignore check the certificate.

but now i can not find this option.

Does your firewall allow access on port 443 to those URLs? Get your network guys to allow the traffic and it'll work.

灬猜想灬 (joecc) said : #5

the firewall is closed.

added the proxy in /etc/environment

https_proxy='http://user:<email address hidden>:8080'
http_proxy='http://user:<email address hidden>:8080'

i can access the url by wget command with option '--no-check-certificate'
https://search.apps.ubuntu.com/api/v1/search?fields=anon_download_url%2Carchitecture%2Cchannel%2Cdownload_sha512%2Csummary%2Cdescription%2Cbinary_filesize%2Cdownload_url%2Cicon_url%2Clast_updated%2Cpackage_name%2Cprices%2Cpublisher%2Cratings_average%2Crevision%2Csnap_id%2Csupport_url%2Ctitle%2Ccontent%2Cversion%2Corigin%2Cprivate%2Cconfinement&q=hello

if i delete the command option '--no-check-certificate', it show this error:

Unable to locally verify the issuer's authority.
To connect to search.apps.ubuntu.com insecurely, use `--no-check-certificate'.

so i want to know is there an similar option or other way to let snap client work behind http proxy.

Can you help with this problem?

Provide an answer of your own, or ask 灬猜想灬 for more information if necessary.

To post a message you must log in.