Hello Micah,

Thank you for your reply.

Unfortunately, when I use the CURL_CA_BUNDLE variable, I get a different error:

Message: Problem with the SSL CA cert (path? access rights?

Is there something I did wrong when I imported the certificate from my Windows private mirror?

Thanks!

po 3. 4. 2023 v 19:57 odesílatel Micah Snyder (micasnyd) <micasnyd@cisco.com> napsal:

I'm not sure this will help, but can you try using the CURL_CA_BUNDLE environment variable to see if that helps?

Ex:

CURL_CA_BUNDLE=/usr/local/share/ca-certificates/cert.crt freshclam

https://docs.clamav.net/faq/faq-freshclam.html?highlight=curl_#problem-with-the-ssl-ca-cert

Regards,

Micah

Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.

From: clamav-users <clamav-users-bounces@lists.clamav.net> on behalf of Petr Novák via clamav-users <clamav-users@lists.clamav.net>
Sent: Monday, April 3, 2023 7:23 AM
To: clamav-users@lists.clamav.net <clamav-users@lists.clamav.net>
Cc: Petr Novák <larryn13@gmail.com>
Subject: [clamav-users] ssl peer certificate or ssh remote key was not ok

Hi guys,

I have an issue with freshclam.

We are setting up freshclam clients (Debian 11) which are downloading database via private mirror which is using HTTPS. When I tried to use freshclam on my Windows client, it worked, but on my Debian Client, I get error message "ssl peer certificate or ssh remote key was not ok".

I imported my private mirror's SSL certificate via this method:

cp cert.crt /usr/local/share/ca-certificates/

update-ca-certificates

But even after this, the error still persists.

Is there any way to make this work? I am a beginner in Linux, so I don't really know what to do next.

Thanks