Because wget uses gnutls for verification, curl -- openssl and browsers -- their own implementations.
Thanks! Best regards, Grigorii On Fri, 19 Feb 2021 at 21:06, Benno Schulenberg < coordina...@translationproject.org> wrote: > > Op 17-02-2021 om 10:28 schreef Nekolyanich: > > I find this https://debbugs.gnu.org/cgi/bugreport.cgi?bug=45358 > recently. > > Cannot reproduce. Downloading any project's PO files with wget works > fine here -- no complaints about certificates. > > Why does your wget complain when curl and Firefox have no problem? > > > Your site(translationproject.org) provides > > > > Subject: C=US,O=Let's Encrypt,CN=R3 > > Issuer: O=Digital Signature Trust Co.,CN=DST Root CA X3 > > Serial: 85078157426496920958827089468591623647 > > > > as CA certificate. > > But your EndEntity certificate signed with > > > > Subject: C=US,O=Let's Encrypt,CN=R3 > > Issuer: C=US,O=Internet Security Research Group,CN=ISRG Root X1 > > Serial: 192961496339968674994309121183282847578 > > > > You can find this certificate on LetsEncrypt site. > > I have no idea what to do about this. Any guidance? > > Benno > > > > >
