Solidot 的 WoTrus 证书不被信任
資深大佬 : guyskk0x0 4
从 2020-10-16 开始,Solidot 似乎更换了 WoTrus (沃通) 签发的 HTTPS 证书,curl, requests 和 cloudflare 都不信任这个证书。
$ curl -v https://www.solidot.org/ * About to connect() to www.solidot.org port 443 (#0) * Trying 106.75.14.181... * Connected to www.solidot.org (106.75.14.181) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * Server certificate: * subject: CN=*.solidot.org,OU=PositiveSSL Multi-Domain,OU=Domain Control Validated * start date: 10 月 16 00:00:00 2019 GMT * expire date: 10 月 15 23:59:59 2021 GMT * common name: *.solidot.org * issuer: CN=WoTrus DV Server CA,OU=Controlled by Sectigo exclusively for WoTrus CA Limited,O=WoTrus CA Limited,L=Shenzhen,ST=Guangdong,C=CN * NSS error -8179 (SEC_ERROR_UNKNOWN_ISSUER) * Peer's Certificate issuer is not recognized. * Closing connection 0 curl: (60) Peer's Certificate issuer is not recognized.
requests.exceptions.SSLError: HTTPSConnectionPool(host='www.solidot.org', port=443): Max retries exceeded with url: /index.rss (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)')))
大佬有話說 (6)