fiveelementgid 最近的时间轴更新
fiveelementgid
ONLINE

fiveelementgid

V2EX 第 435699 号会员,加入于 2019-08-13 16:50:11 +08:00
今日活跃度排名 2215
fiveelementgid 最近回复了
你醒啦,不过 GitHub 学生包一直没申请通过
1 天前
回复了 onice 创建的主题 程序员 试用期没通过下份工作怎么找?
信息安全培训班........这玩意居然有培训班?泪目
@longaiwp 难道不应该吗?也不要求每个发行版都有,但是不应该如同.net5 一样,各大发行版都有安装指南么
https://docs.microsoft.com/en-us/dotnet/core/install/linux
@learningman 哈哈哈哈哈哈哈,谢谢,有被笑到
2 天前
回复了 Amber2011 创建的主题 职场话题 19 届大专无经验还有救吗?
@tesguest123 你说:做这行谁不是看重高新
我直接????
不要以偏概全,谢谢
帮开源组织 debug 和改错乐在其中,至今一分钱没收过
@lancelock emmmmm 我还是等等吧
@yexiaoxing
@LokiSharp
暂时的解决方案
> If you want to trust the certificate, you can add it to your CA certificate store or use it stand-alone as described.
参考:https://curl.se/docs/sslcerts.html
简单来说就 3 个方式:
1.使用--insecure,不验证证书
2.使用--cacert [file],这里的 file 就是上面的--nokeys 导出的,或者设计环境变量 CURL_CA_BUNDLE
3.自己重新编译一份 openssl,因为 CA store 是在编译的时候打包进去的,所以 read only 。

暂时先用环境变量顶着吧

> * Trying ::1:5001...
* Connected to localhost (::1) port 5001 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: x509stores/noprivatekey.pem
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=localhost
* start date: Nov 23 13:05:24 2020 GMT
* expire date: Nov 23 13:05:24 2021 GMT
* subjectAltName: host "localhost" matched cert's "localhost"
* issuer: CN=localhost
* SSL certificate verify ok.
@araaaa 看过一次 DNS 的文档,一言难尽,但是 Linux 的 man 确实不错

@lights php 是世界是最好的语言(狗头

@DoctorCat 重点是坑还是太多.......
@ysc3839 Linux 的文档📃确实没得说

@cnnblike 还有这样的吗。。。。。

@sneezry 没吧,我看 reviewer 就是 Effective C#和 More Effective C#的作者,好像也有负责写内容

@yexiaoxing 不了,我跑路了,等我啥时候成为高级工程师再回来啃(狗头
@crclz 重点是现在 Rider 还用不了,等年底吧

@quan01994 反向代理理论上确实只需要反向代理的服务器挂 https,我主要还是用 Apache
@LokiSharp
@yexiaoxing issue 里面的环境已经可以复现了,我贴在下边,简单来说就是自签名证书无法通过的问题
明天再按照 openssl 的 issue 说的看一下如何解决
睡觉了.....早上还有课,我直接 GG

> curl -v https://localhost:5001/
* Uses proxy env variable no_proxy == '192.168.0.0/16,localhost'
* Trying ::1:5001...
* Connected to localhost (::1) port 5001 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: self signed certificate
* Closing connection 0
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
关于   ·   FAQ   ·   API   ·   我们的愿景   ·   广告投放   ·   感谢   ·   实用小工具   ·   2710 人在线   最高记录 5268   ·     Select Language
创意工作者们的社区
World is powered by solitude
VERSION: 3.9.8.5 · 13ms · UTC 05:38 · PVG 13:38 · LAX 21:38 · JFK 00:38
♥ Do have faith in what you're doing.