我正在尝试按照“.NET Tutorial - Hello World in 5 minutes“中的说明在Centos 7上安装.net Core SDK 2. 0. 0。
当我运行第一个命令时
sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc我得到这个错误:
curl: (60) Peer's Certificate issuer is not recognized.
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
error: https://packages.microsoft.com/keys/microsoft.asc: import read failed(2)我在一个公司代理后面,似乎这个错误与SSL证书和curl有关,但我不知道如何修复它。
此外,当我使用curl或wget下载HTTPS URL时,也会出现类似的错误。
5条答案
按热度按时间aiqt4smr1#
我有同样的问题,然后只是暂时关闭了SSL检查,并安装了软件包。但请注意,这是绕过一个安全措施,所以谨慎使用。
然后在编辑器中添加以下行
pgccezyw2#
终于修好了。把答案贴在这里作为参考。
openssl x509 -in xxx.cer -inform der -outform pem -out xxx.pem)yum install ca-certificates个update-ca-trust force-enable/etc/pki/ca-trust/source/anchors/中update-ca-trust extract,将root添加到系统的受信任证书中参考文献:
https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them
http://manuals.gfi.com/en/kerio/connect/content/server-configuration/ssl-certificates/adding-trusted-root-certificates-to-the-server-1605.html
zte4gxcn3#
请检查您的服务器是否具有有效的代理设置。
j91ykkif4#
我使用的自签名SSL证书已经过期,所以在Cent OS 7上,我运行下面的命令,但将天数从
-days 365增加到-days 1400,这大约是4年的保证。您可以在“How To Create an SSL Certificate on Apache for CentOS 7“中找到更多信息。
elcex8rz5#