[Hamara-devel] Certificate problem in downloading hamara linux iso through command line tools

akshat akshat-pg8 at iiitmk.ac.in
Tue Oct 13 08:22:01 BST 2015 

at bottom:

On Tue, Oct 13, 2015 at 10:11 AM, shirish <shirish at hamaralinux.org> wrote:

> additional at bottom :-
>
>
> On Tuesday 13 October 2015 10:05 AM, shirish wrote:
>
>> Dear Akshat,
>>
>> It seems that the URL re-directs to some mirror internally.
>>
>> Do
>>
>> $ curl -# -O -L -v
>> http://downloads.hamaralinux.org/final/hamara_1.0.3_amd64.iso
>>
>> And you will see it starts to download as well as you see what is
>> happening at the back-end a bit.
>>
>> There is also --trace-ascii which you can also use for debugging
>> purposes if needed.
>>
>> -L is the crucial bit here as per man page
>>
>> -L, --location
>>                (HTTP/HTTPS) If the server reports that the requested
>> page has moved to a different location (indicated with a Location:
>> header and a  3XX  response  code),  this  option  will make curl redo
>> the request on the new place. If used together with -i, --include or -I,
>> --head, headers from all requested pages will be shown. When
>> authentication is used, curl only sends its credentials to the  initial
>> host. If a redirect takes curl to a different host, it won't be able to
>> intercept the user+password. See also --location-trusted on how to
>> change this. You can limit the amount of redirects to follow by using
>> the --max-redirs option.
>>
>>                When curl follows a redirect and the request is not a
>> plain GET (for example POST or PUT), it will do the following request
>> with a GET if the HTTP response was 301, 302, or 303. If the response
>> code was any other 3xx code, curl will re-send the following request
>> using the same unmodified method.
>>
>>                You can tell curl to not change the non-GET request
>> method to GET after a 30x response by using  the  dedicated  options
>> for  that:  --post301, --post302 and -post303.
>>
>> Let us know if you still get errors after trying the above flag/switch.
>>
>>
> This is how it looks at my end :-
>
>  curl -# -O -L -v
> http://downloads.hamaralinux.org/final/hamara_1.0.3_amd64.iso
> *   Trying 81.187.100.26...
> * Connected to downloads.hamaralinux.org (81.187.100.26) port 80 (#0)
> > GET /final/hamara_1.0.3_amd64.iso HTTP/1.1
> > Host: downloads.hamaralinux.org
> > User-Agent: curl/7.45.0
> > Accept: */*
> >
> < HTTP/1.1 301 Moved Permanently
> < Date: Tue, 13 Oct 2015 04:28:56 GMT
> < Server: Apache
> < Location: https://downloads.hamaralinux.org/final/hamara_1.0.3_amd64.iso
> < Content-Length: 270
> < Content-Type: text/html; charset=iso-8859-1
> <
> * Ignoring the response-body
> { [270 bytes data]
> ########################################################################
> 100.0%* Connection #0 to host downloads.hamaralinux.org left intact
> * Issue another request to this URL: '
> https://downloads.hamaralinux.org/final/hamara_1.0.3_amd64.iso'
> * Found bundle for host downloads.hamaralinux.org: 0x560da04352d0
> *   Trying 81.187.100.26...
> * Connected to downloads.hamaralinux.org (81.187.100.26) port 443 (#1)
> * found 180 certificates in /etc/ssl/certs/ca-certificates.crt
> * found 724 certificates in /etc/ssl/certs
> * ALPN, offering http/1.1
> * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
> *        server certificate verification OK
> *        server certificate status verification SKIPPED
> *        common name: *.hamaralinux.org (matched)
> *        server certificate expiration date OK
> *        server certificate activation date OK
> *        certificate public key: RSA
> *        certificate version: #3
> *        subject: OU=Domain Control Validated,CN=*.hamaralinux.org
> *        start date: Tue, 01 Sep 2015 08:23:38 GMT
> *        expire date: Thu, 29 Sep 2016 12:40:03 GMT
> *        issuer: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=
> http://certs.godaddy.com/repository/,CN=Go Daddy Secure Certificate
> Authority - G2
> *        compression: NULL
> * ALPN, server did not agree to a protocol
> > GET /final/hamara_1.0.3_amd64.iso HTTP/1.1
> > Host: downloads.hamaralinux.org
> > User-Agent: curl/7.45.0
> > Accept: */*
> >
> < HTTP/1.1 200 OK
> < Date: Tue, 13 Oct 2015 04:28:58 GMT
> < Server: Apache
> < Last-Modified: Wed, 30 Sep 2015 10:27:33 GMT
> < ETag: "42800000-520f460e949e8"
> < Accept-Ranges: bytes
> < Content-Length: 1115684864
> < Content-Type: application/x-iso9660-image
> <
> { [8192 bytes data]
> #
>                        1.5%
>
> $ ll -h debian-stretch-DI-alpha3-amd64-DVD-1.iso
> -rw-r--r-- 1 shirish shirish 30M Oct 13 10:11
> debian-stretch-DI-alpha3-amd64-DVD-1.iso
>
>
> See you all in the evening :)
>
>
> --
> Regards,
> Shirish Agarwal,
> Community Lead,
> Hamaralinux.org
>


​Hello Anant and Shirish,

I was trying using the following command:
$ curl http://downloads.hamaralinux.org/final/hamara_1.0.3_amd64.iso -o
hamara_1.0.3_amd64.iso

​and when I am using same command with ubuntu its downloading the ubuntu
image but not the hamara iso. Its simply return me to prompt.

Hamara Image:
*curl http://downloads.hamaralinux.org/final/hamara_1.0.3_amd64.iso
<http://downloads.hamaralinux.org/final/hamara_1.0.3_amd64.iso> -o
hamara_1.0.3_amd64.iso*
*  % Total    % Received % Xferd  Average Speed   Time    Time     Time
 Current*
*                                 Dload  Upload   Total   Spent    Left
 Speed*
*100   270  100   270    0     0    512      0 --:--:-- --:--:-- --:--:--
511*

But in case of Ubuntu image:
*curl http://releases.ubuntu.com/14.04.3/ubuntu-14.04.3-desktop-amd64.iso
<http://releases.ubuntu.com/14.04.3/ubuntu-14.04.3-desktop-amd64.iso> -o
ubuntu-14.04.3-desktop-amd64.iso*
*  % Total    % Received % Xferd  Average Speed   Time    Time     Time
 Current*
*                                 Dload  Upload   Total   Spent    Left
 Speed*
*  0 1006M    0 41354    0     0  19527      0 15:00:20  0:00:02 15:00:18
19534*



Shirish thanks for the curl command for ignoring certificate problem, In
wget I used --no-check-certificate and wget was also working with this
option before Anant has fixed something in webserver. Now, after fixing
that problem in case of wget download is working without -no-check-certificate
option but still curl is not able to download with default options.

Thanks


-- 
Akshat Singh
[PG-8 IIITM-Kerala]
Pune

Mob.: +91-8806963718
Webpage: home-akshatsingh.rhcloud.com/aks/
<http://home-akshatsingh.rhcloud.com/aks/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.hamaralinux.org/pipermail/hamara-devel/attachments/20151013/2d5db51e/attachment-0001.html>

More information about the Hamara-devel mailing list