[clamav-users] database updates blocked
Micah Snyder (micasnyd)
micasnyd at cisco.com
Tue Aug 17 16:05:24 UTC 2021
If you're running into the CA cert problem with FreshClam because your CA certificate bundle is in a non-standard place, you can also set the CURL_CA_BUNDLE environment to point to the file holding one or more certificates. FreshClam and ClamSubmit will check that environment variable and use it instead of the default openssl CA path.
My apologies that this isn't in the documentation (yet). I will add it today. https://github.com/Cisco-Talos/clamav/issues/175
[https://opengraph.githubassets.com/3a88d2ae78ed898d56aa65df2cb4612e35e2cdff07ca8efd5d0fbb78efed4d33/Cisco-Talos/clamav/issues/175]<https://github.com/Cisco-Talos/clamav/issues/175>
CURL_CA_BUNDLE environment variable missing from freshclam, clamsubmit documentation · Issue #175 · Cisco-Talos/clamav<https://github.com/Cisco-Talos/clamav/issues/175>
Describe the bug Missing documentation for CURL_CA_BUNDLE option to customize the CA bundle path. How to reproduce the problem Grep the clamav source for "CURL_CA_BUNDLE". It only appears...
github.com
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
________________________________
From: clamav-users <clamav-users-bounces at lists.clamav.net> on behalf of Jona Tallieu <jona at tnt.be>
Sent: Tuesday, August 17, 2021 5:55 AM
To: ClamAV users ML <clamav-users at lists.clamav.net>
Subject: Re: [clamav-users] database updates blocked
Dear,
Thanks for your answer.
We are using Freshclam, the curl was a test to see what the problem was.
The logs show a SSL CA cert problem:
13:26:22.633 5 EXTFILTER(CGPClamAV) inp(059): * ClamAV update process started at Mon Aug 16 13:26:22 2021
13:26:22.634 5 EXTFILTER(CGPClamAV) inp(048): * WARNING: Your ClamAV installation is OUTDATED!
13:26:22.634 5 EXTFILTER(CGPClamAV) inp(062): * WARNING: Local version: 0.103.2 Recommended version: 0.103.3
13:26:22.634 5 EXTFILTER(CGPClamAV) inp(069): * DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
13:26:22.634 5 EXTFILTER(CGPClamAV) inp(083): * daily database available for update (local version: 26231, remote version: 26265)
13:26:24.644 5 EXTFILTER(CGPClamAV) inp(104): * WARNING: Download failed (77) * WARNING: Message: Problem with the SSL CA cert (path? access rights?)
13:26:24.644 5 EXTFILTER(CGPClamAV) inp(109): * WARNING: downloadPatch: Can't download daily-26232.cdiff from https://database.clamav.net/daily-26232.cdiff
13:26:24.646 5 EXTFILTER(CGPClamAV) inp(104): * WARNING: Download failed (77) * WARNING: Message: Problem with the SSL CA cert (path? access rights?)
13:26:24.646 5 EXTFILTER(CGPClamAV) inp(109): * WARNING: downloadPatch: Can't download daily-26232.cdiff from https://database.clamav.net/daily-26232.cdiff
13:26:24.651 5 EXTFILTER(CGPClamAV) inp(104): * WARNING: Download failed (77) * WARNING: Message: Problem with the SSL CA cert (path? access rights?)
13:26:24.651 5 EXTFILTER(CGPClamAV) inp(109): * WARNING: downloadPatch: Can't download daily-26232.cdiff from https://database.clamav.net/daily-26232.cdiff
13:26:24.651 5 EXTFILTER(CGPClamAV) inp(066): * WARNING: Incremental update failed, trying to download daily.cvd
13:26:24.653 5 EXTFILTER(CGPClamAV) inp(104): * WARNING: Download failed (77) * WARNING: Message: Problem with the SSL CA cert (path? access rights?)
13:26:24.653 5 EXTFILTER(CGPClamAV) inp(078): * WARNING: Can't download daily.cvd from https://database.clamav.net/daily.cvd
But the ca-certificates package (which contains the CA roots) is the most recent version. Other Cloudflare hosted url’s (with the same TLS settings) work fine…
Best,
Jona
From: clamav-users <clamav-users-bounces at lists.clamav.net> on behalf of "Joel Esler (jesler) via clamav-users" <clamav-users at lists.clamav.net>
Reply-To: ClamAV users ML <clamav-users at lists.clamav.net>
Date: Tuesday, 17 August 2021 at 14:45
To: ClamAV users ML <clamav-users at lists.clamav.net>
Cc: "Joel Esler (jesler)" <jesler at cisco.com>
Subject: Re: [clamav-users] database updates blocked
Resent-From: <jona at mail.tnt.be>
Resent-Date: Tuesday, 17 August 2021 at 14:45
Curl is not authorized to be used to download updates. Please use Freshclam or cvdupdate to download updates.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20210817/04edd613/attachment.htm>
More information about the clamav-users
mailing list