Hi, I'm back again. I was here last month, and got some help, but it didn't resolve my issue. I could see some legitimate questions, so I decided I'd better go back and "get my ducks in a row". (This is a hand-made 32-bit version of LFS that has to run on some legacy hardware.)
So... Here's what freshclam now does: ------------ [09:37 scripts]# cat ~/fresh.log Sat Jul 17 09:25:51 2021 -> ClamAV update process started at Sat Jul 17 09:25:51 2021 Sat Jul 17 09:25:51 2021 -> daily database available for download (remote version: 26235) Sat Jul 17 09:25:51 2021 -> ^Download failed (77) Sat Jul 17 09:25:51 2021 -> ^ Message: Problem with the SSL CA cert (path? access rights?) Sat Jul 17 09:25:51 2021 -> ^Can't download daily.cvd from https://database.clamav.net/daily.cvd Sat Jul 17 09:25:51 2021 -> Trying again in 5 secs... Sat Jul 17 09:25:56 2021 -> daily database available for download (remote version: 26235) Sat Jul 17 09:25:56 2021 -> ^Download failed (77) Sat Jul 17 09:25:56 2021 -> ^ Message: Problem with the SSL CA cert (path? access rights?) Sat Jul 17 09:25:56 2021 -> ^Can't download daily.cvd from https://database.clamav.net/daily.cvd Sat Jul 17 09:25:56 2021 -> Trying again in 5 secs... Sat Jul 17 09:26:01 2021 -> daily database available for download (remote version: 26235) Sat Jul 17 09:26:01 2021 -> !Download failed (77) Sat Jul 17 09:26:01 2021 -> ! Message: Problem with the SSL CA cert (path? access rights?) Sat Jul 17 09:26:01 2021 -> !Can't download daily.cvd from https://database.clamav.net/daily.cvd Sat Jul 17 09:26:01 2021 -> Giving up on https://database.clamav.net... Sat Jul 17 09:26:01 2021 -> daily database available for download (remote version: 26235) Sat Jul 17 09:26:01 2021 -> ^Download failed (77) Sat Jul 17 09:26:01 2021 -> ^ Message: Problem with the SSL CA cert (path? access rights?) Sat Jul 17 09:26:01 2021 -> ^Can't download daily.cvd from https://database.clamav.net/daily.cvd Sat Jul 17 09:26:01 2021 -> Trying again in 5 secs... Sat Jul 17 09:26:06 2021 -> daily database available for download (remote version: 26235) Sat Jul 17 09:26:06 2021 -> ^Download failed (77) Sat Jul 17 09:26:06 2021 -> ^ Message: Problem with the SSL CA cert (path? access rights?) Sat Jul 17 09:26:06 2021 -> ^Can't download daily.cvd from https://database.clamav.net/daily.cvd Sat Jul 17 09:26:06 2021 -> Trying again in 5 secs... Sat Jul 17 09:26:11 2021 -> daily database available for download (remote version: 26235) Sat Jul 17 09:26:11 2021 -> !Download failed (77) Sat Jul 17 09:26:11 2021 -> ! Message: Problem with the SSL CA cert (path? access rights?) Sat Jul 17 09:26:11 2021 -> !Can't download daily.cvd from https://database.clamav.net/daily.cvd Sat Jul 17 09:26:11 2021 -> Giving up on https://database.clamav.net... Sat Jul 17 09:26:11 2021 -> !Update failed for database: daily Sat Jul 17 09:26:11 2021 -> !Database update process failed: Connection failed Sat Jul 17 09:26:11 2021 -> !Update failed. [09:38 scripts]# ------------ That's the same problem. In brief, here's how the relevant packages were built. ------------ - Jun 20 13:27 net-07-make-ca-0.7 wget http://www.cacert.org/certs/root.crt && wget http://www.cacert.org/certs/class3.crt && openssl x509 -in root.crt -text -fingerprint -setalias "CAcert Class 1 root" \ -addtrust serverAuth -addtrust emailProtection -addtrust codeSigning \ > /etc/ssl/local/CAcert_Class_1_root.pem && openssl x509 -in class3.crt -text -fingerprint -setalias "CAcert Class 3 root" \ -addtrust serverAuth -addtrust emailProtection -addtrust codeSigning \ > /etc/ssl/local/CAcert_Class_3_root.pem && - Jun 22 11:15 opt-02-clamav-0.103.3 # clamav included llvm-2 won't compile w/ gcc-6.20, system llvm # only supported up to 3.7, and we have 3.81. disable it. (./configure --sysconfdir=/etc --disable-llvm --disable-ipv6 2>&1 | \ tee log.conf && exit $PIPESTATUS) && - Jun 29 10:32 adm-04-curl-7.77.0 (./configure --with-ca-path=/etc/ssl/certs --enable-threaded-resolver \ --with-ca-bundle=/etc/ssl/ca-bundle.crt --with-gnutls --with-openssl \ --disable-static --disable-ipv6 2>&1 | tee log.conf && exit $PIPESTATUS) && - Jul 7 22:41 net-05-openssl-1.0.2u (./config --prefix=/usr --libdir=lib --openssldir=/etc/ssl \ zlib-dynamic shared 2>&1 | tee log.conf && exit $PIPESTATUS) && ------------ I wonder if I'm building these packages to "play well together" (I thought I was), and if I've even got the right certificate for clam. Help would be much appreciated. TIA! -- Paul Rogers paulgrog...@fastmail.fm Rogers' Second Law: "Everything you do communicates." (I do not personally endorse any additions after this line. TANSTAAFL :-) _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
