OpenSSL certs on OLD Debian

Problem: (Outdated SSL on Debian Squeeze, Wheezy, Jessie, Stretch etc):

error: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

Try to update certs (sometimes it is enouph):

update-ca-certificates --fresh

Solution: Copy /etc/ssl/certs from newer Debian installation:

## make backup copy:
mkdir -p /backup
rsync -avP /etc /backup/`date +%d%m%y-%s`

## replace with new certs:
rsync -avP root@NEW-DEBIAN-HOST:/etc/ssl/certs /etc/ssl/

Problem: (Outdated curl:)

curl https://github.com
curl: (35) error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

Solution: Install gurl (golang version of curl with embedded SSL):

curl -L 'http://files.matveynator.ru/gurl/latest/linux/amd64/gurl' > /usr/local/bin/gurl; chmod +x /usr/local/bin/gurl;
gurl https://github.com

OpenSSL certs on OLD Debian

Problem: (Outdated SSL on Debian Squeeze, Wheezy, Jessie, Stretch etc):

Try to update certs (sometimes it is enouph):

Solution: Copy /etc/ssl/certs from newer Debian installation:

Problem: (Outdated curl:)

Solution: Install gurl (golang version of curl with embedded SSL):

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally