search

alexa / avs-device-sdk

An SDK for commercial device makers to integrate Alexa directly into connected products.
https://developer.amazon.com/alexa/alexa-voice-service
Apache License 2.0
1.26k stars 604 forks source link

curl certificates #856

Closed xuqifu closed 6 years ago

xuqifu commented 6 years ago

IMPORTANT: Before you create an issue, please take a look at our Issue Reporting Guide.

Briefly summarize your issue:

there's ca-certificates.crt path: /etc/ssl/certs . and I‘m trying this command on arm : curl -I https://nghttp2.org/ --cacert /etc/ssl/certs/ca-certificates.crt --capath /etc/ssl/certs

curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. HTTPS-proxy has similar options --proxy-cacert and --proxy-insecure.

but there's normal run this command after run this thread "tutk_app &" (ambarella plaform application thread)

curl -I https://nghttp2.org/ --cacert /etc/ssl/certs/ca-certificates.crt --capath /etc/ssl/certs

HTTP/1.1 302 Moved Temporarily Server: bfe/1.0.8.18 Date: Tue, 17 Jul 2018 13:32:42 GMT Content-Type: text/html Content-Length: 161 Connection: keep-alive Location: http://www.baidu.com/

so , i don't know need to other libraries except nghttp2 and openssl

What is the expected behavior?

What behavior are you observing?

Provide the steps to reproduce the issue, if applicable:

Tell us about your environment:

What version of the AVS Device SDK are you using?

  <x.y.z>

Tell us what hardware you're using:

Tell us about your OS (Type & version):

BennyAvramson commented 6 years ago

Hi @xuqifu,

Is it related to the Alexa DeviceSDK? Could you post here the error message you're receiving from the SampleApp?

Thanks, Benny

xuqifu commented 6 years ago

run curl on terminal for verify nghttp2 and openssl

curl -I https://nghttps.org/

curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. HTTPS-proxy has similar options --proxy-cacert and --proxy-insecure.

celinval commented 6 years ago

Hi @xuqifu, if you are having problems with curl certificates, you might want to try to email the curl-users mailing list instead?

Please feel free to re-open this issue if you believe this issue is specific to the SDK. Thanks