problem with certificate
hi,
sry this is a copy of https://github.com/peterbillam/muscript/issues/3 but I finally managed to login to gitlab.
I tried sending you an email to what I saw in the git log and it bounced back so here I am.
Thanks for all your open source contributions ! I am myself a FOSS contributor and I maintain the lua packages for the https://nixos.org/ distribution.
I have a problem when trying to download the archive described in the rockspec here (which is needed to install the package on my distrib): https://luarocks.org/modules/peterbillam/readline/3.3-0
Here is the first error I had running a curl wrapper called "nix-prefetch-url"
❌1 ❯ nix-prefetch-url http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
warning: error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK);
retrying in 305 ms
warning: error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK);
retrying in 699 ms
warning: error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK);
retrying in 1191 ms
warning: error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK);
retrying in 2810 ms
error: unable to download
'http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz': HTTP error 302
(curl error: SSL peer certificate or SSH remote key was not OK)
nixpkgs3 on bump-luarocks-packages took 6s
❌1 ❯ nix-prefetch-url http://pjb.com.au/comp/lua/readline-3.3.tar.gz
path is '/nix/store/19x0z1jbj35kw1gnzbqnvc9m65zc8cjk-readline-3.3.tar.gz'
1200abbqhr8p9xzxv0zwlcc99wfdqhxcq8vxnalsvflv4bidhfqs
(note that second call works if I remove the "www" prefix) I tried again with wget
➜ result/bin/wget http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
--2023-09-09 02:23:14-- http://[www.pjb.com.au](http://www.pjb.com.au/)/comp/lua/readline-3.3.tar.gz
Resolving [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))... 103.168.172.37, 103.168.172.52
Connecting to [www.pjb.com.au](http://www.pjb.com.au/) (www.pjb.com.au)|103.168.172.37|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.pjb.com.au/comp/lua/readline-3.3.tar.gz [following]
--2023-09-09 02:23:15-- https://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
Connecting to [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))|103.168.172.37|:443... connected.
ERROR: no certificate subject alternative name matches
requested host name ‘[www.pjb.com.au](http://www.pjb.com.au/)’.
To connect to [www.pjb.com.au](http://www.pjb.com.au/) insecurely, use `--no-check-certificate'.
❌5 ❯ result/bin/wget
http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
--no-check-certificate
--2023-09-09 02:23:32-- http://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
Resolving [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))... 103.168.172.52, 103.168.172.37
Connecting to [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))|103.168.172.52|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.pjb.com.au/comp/lua/readline-3.3.tar.gz [following]
--2023-09-09 02:23:32-- https://www.pjb.com.au/comp/lua/readline-3.3.tar.gz
Connecting to [www.pjb.com.au](http://www.pjb.com.au/) ([www.pjb.com.au](http://www.pjb.com.au/))|103.168.172.52|:443... connected.
WARNING: no certificate subject alternative name matches
requested host name ‘[www.pjb.com.au](http://www.pjb.com.au/)’.
HTTP request sent, awaiting response... 200 OK
Length: 16370 (16K) [application/x-gzip]
Saving to: ‘readline-3.3.tar.gz’
readline-3.3.tar.gz
100%[=======================================================================================================>]
15.99K --.-KB/s in 0.03s
2023-09-09 02:23:33 (585 KB/s) - ‘readline-3.3.tar.gz’ saved [16370/16370]
Thus I wonder if you would be interested in either of these solutions:
- include www. to your website certificate
- reupload the readline rockspec with an url that doesn't contain the www ?
- alternatively reupload the rockspec with a github/gitlab archive.
Cheers !