使用 Wget 忽略 SSL 证书错误

那么你 安装 wget 当您尝试在 Linux 终端中下载文件时,会出现如下 SSL 证书错误?

[email protected]:~$ wget https://expired.badssl.com
--2022-11-04 14:35:55--  https://expired.badssl.com/
Resolving expired.badssl.com (expired.badssl.com)... 104.154.89.105
Connecting to expired.badssl.com (expired.badssl.com)|104.154.89.105|:443... connected.
ERROR: cannot verify expired.badssl.com's certificate, issued by ‘CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB’:
  Issued certificate has expired.
To connect to expired.badssl.com insecurely, use `--no-check-certificate'.

您收到此错误的原因很简单。 默认情况下,wget 检查有效的 SSL 证书,以便您可以建立可靠的连接,如果没有,它会抛出错误,指出颁发的证书已过期。

那么让我们看看如何在使用 wget 时忽略 SSL 证书错误。

使用 wget 忽略 SSL 证书错误

虽然我不建议您通过 SSL 证书损坏的网站进行连接,但您可能会在受信任的网站上发现此错误并希望继续,所以请继续。

要忽略此错误,您必须使用 --no-check-certificate 选项,它不会检查 SSL 证书:

wget --no-check-certificate https://expired.badssl.com
[email protected]:~$ wget --no-check-certificate https://expired.badssl.com
--2022-11-04 15:18:07--  https://expired.badssl.com/
Resolving expired.badssl.com (expired.badssl.com)... 104.154.89.105
Connecting to expired.badssl.com (expired.badssl.com)|104.154.89.105|:443... connected.
WARNING: cannot verify expired.badssl.com's certificate, issued by ‘CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB’:
  Issued certificate has expired.
HTTP request sent, awaiting response... 200 OK
Length: 494 [text/html]
Saving to: ‘index.html.1’

index.html.1        100%[===================>]     494  --.-KB/s    in 0s      

2022-11-04 15:18:08 (209 MB/s) - ‘index.html.1’ saved [494/494]

跳过认证检查

⚠️我不建议这样做,除非你有一个孤立的环境或者想要测试东西而不考虑安全问题。

要在每次访问损坏的 SSL 站点时跳过认证检查,您只需附加 check-certificate = off 在 wget 配置文件中:

现在,您可以使用 wget 在损坏的 SSL 站点上下载文件,而无需添加 --no-check-certificate 选项:

[email protected]:~$ wget https://expired.badssl.com
--2022-11-04 15:41:50--  https://expired.badssl.com/
Resolving expired.badssl.com (expired.badssl.com)... 104.154.89.105
Connecting to expired.badssl.com (expired.badssl.com)|104.154.89.105|:443... connected.
WARNING: cannot verify expired.badssl.com's certificate, issued by ‘CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB’:
  Issued certificate has expired.
HTTP request sent, awaiting response... 200 OK
Length: 494 [text/html]
Saving to: ‘index.html.2’

index.html.2        100%[===================>]     494  --.-KB/s    in 0s      

2022-11-04 15:41:51 (191 MB/s) - ‘index.html.2’ saved [494/494]

总结

通过本指南,我解释了如何使用 wget 忽略 SSL 证书错误。 如果您有任何疑问,请在评论中告诉我。

Related Posts