How to use wget with ssl certificate

138.7k Views Asked by Siva Gnanam At 09 March 2014 at 12:11

I am using wget in my program to get some file using HTTP protocol. Here i need to set security so we moved HTTP protocol to HTTPS.

After changing to HTTPS how to perform wget. I mean how to make trusted connection between two machines then perform wget.

I want to make sure that wget can be performed from certain system only.

Original Q&A

There are 3 best solutions below

Aaron C On 23 May 2018 at 17:25

Step 1: SSL Certificates

First things first, if this machine is on the internet and the SSL certificate is signed by a trusted source, there is no need to specify a certificate.

However, if there is a self signed certificate involved things get a little more interesting.

For example:

if this machine uses a self signed certificate, or
if you are on a network with a proxy that re-encrypts all https connections

Then you need to trust the public key of the self signed certificate. You will need to export the public key as a .CER file. How you got the SSL certificate will determine how you get the public key as a .CER

Once you have the .CER then...

Step 2: Trust the Certificate

I suggest two options:

option one

wget --ca-certificate={the_cert_file_path} https://www.google.com

option two

set the option on ~/.wgetrc

ca_certificate={the_cert_file_path}

Additional resources

Blog post about this wget and ssl certificates
wget manual

Demitri On 23 December 2019 at 17:03

macOS users can use the cert.pem file:

wget --ca-certificate=/etc/ssl/cert.pem

or set in your ~/.wgetrc:

ca_certificate = /etc/ssl/cert.pem

David C. On 13 September 2022 at 18:21

On Linux (at least on my Debian and Ubuntu distributions), you can do the following to install your cert to be trusted system-wide.

Assuming your certificate is ~/tmp/foo.pem, do the following:

Install the ca-certificates package, if it is not already present, then do the following to install foo.pem:

$ cd ~/tmp
$ chmod 444 foo.pem
$ sudo cp foo.pem /usr/local/share/ca-certificates/foo.crt
$ sudo update-ca-certificates

Once this is done, most apps (including wget, Python and others) should automatically use it when it is required by the remote site.

The only exception to this I've found has been the Firefox web browser. It has its own private store of certificates, so you need to manually install the cert via its Settings interface if you require it there.

At least this has always worked for me (to install a corporate certificate needed for Internet access into the Linux VMs I create).

How to use wget with ssl certificate

There are 3 best solutions below

Step 1: SSL Certificates

Step 2: Trust the Certificate

option one

option two

Additional resources

Related Questions in SSL

Related Questions in CERTIFICATE

Related Questions in WGET

Related Questions in TRUSTEDCONNECTION

Trending Questions

Popular # Hahtags

Popular Questions