TLS certificate validation not implemented

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Author Message
mflach
DD-WRT Novice


Joined: 10 Oct 2021
Posts: 1

PostPosted: Sun Oct 10, 2021 0:23    Post subject: TLS certificate validation not implemented Reply with quote
I have a Linksys WRT1900AC running the latest DD-WRT build. I got it to specifically run YAMon4 to see who on my network is using all my bandwidth. I've run this on another router and it worked fine. On this router I get the following error when running wget

Quote:
root@FlachFamily:~# wget 'http://usage-monitoring.com/current/YAMon4/Setup/install.sh' -qO /tmp/install.sh
wget: note: TLS certificate validation not implemented
wget: TLS error from peer (alert code 40): handshake failure
wget: error getting response: Connection reset by peer
root@FlachFamily:~#


I've searched quite a bit but couldn't find a solution. Any assistance would be greatly appreciated.
Sponsor
dTX
DD-WRT User


Joined: 28 Dec 2018
Posts: 83

PostPosted: Sun Oct 10, 2021 1:38    Post subject: Reply with quote
@mflach just use cURL,wget seems not capable to retrieve that link. I'm just glad that it's still works with opkg.

curl -s https://usage-monitoring.com/current/YAMon4/Setup/install.sh -o /tmp/install.sh

should do the trick....

_________________
Router: ASUS AC1900(RT-AC68U)
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Sun Oct 10, 2021 3:59    Post subject: Reply with quote
It seems that wget is not retrieving the file, whatsoever on 47525. This means any device without curl will have to be done the fun way using scp.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Thu Oct 14, 2021 15:12    Post subject: Reply with quote
dTX wrote:
@mflach just use cURL,wget seems not capable to retrieve that link. I'm just glad that it's still works with opkg.

curl -s https://usage-monitoring.com/current/YAMon4/Setup/install.sh -o /tmp/install.sh

should do the trick....


Indeed this is the correct way, the error OP sees just means that this particular wget doesn't support HTTPS.

Quote:
root@FlachFamily:~# wget 'http://usage-monitoring.com/current/YAMon4/Setup/install.sh' -qO /tmp/install.sh
wget: note: TLS certificate validation not implemented
wget: TLS error from peer (alert code 40): handshake failure
wget: error getting response: Connection reset by peer
root@FlachFamily:~#


Yep, the messages should say, "Hey I don't support HTTPS", but alas that's not how its done.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
bushant
DD-WRT Guru


Joined: 18 Nov 2015
Posts: 2028

PostPosted: Thu Oct 14, 2021 15:53    Post subject: Reply with quote
Just as FYI the wget package supplied with entware does support HTTPS.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Thu Oct 14, 2021 16:18    Post subject: Reply with quote
bushant wrote:
Just as FYI the wget package supplied with entware does support HTTPS.


yep you are correct, new version of wget via entware supports https, but if you end up installing entware you better get curl... Razz
What amused me was, the new wget doesn't support ftp ...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Thu Oct 14, 2021 16:26    Post subject: Reply with quote
It worked fine before this last busybox update without the need for compiled in https / ssl support. It may be something on the website end of things that changed as well. I would have to review the code. Could be that we no longer have native ftp support in busybox wget as well as the other new options.

@Alozaros: That was because of upstream changes and BS didn't enable the new options in wget. This is where there are differences between 1) DD-WRT Official and Community Builds (which directly and indirectly support official development) and 2) FreshTomato Official and my personal builds.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum