Wget, a command-line utility for retrieving files using HTTP, HTTPS, and FTP protocols, performs SSL certificate validation by default when connecting to HTTPS websites. This validation process involves checking the authenticity and validity of the SSL/TLS certificate presented by the server.
The certificate check includes verifying:
- The certificate’s digital signature
- The certificate’s expiration date
- The certificate’s issuer (whether it’s from a trusted Certificate Authority)
- The certificate’s hostname matches the server’s hostname
When Wget encounters an SSL certificate that fails these checks, it typically refuses to establish a connection, preventing the download of the requested file.
Using the –no-check-certificate Option
The primary method to ignore SSL certificate errors in Wget is by using the --no-check-certificate
option. This command-line flag instructs Wget to bypass the SSL certificate validation process entirely. The syntax for using this option is:
# Use wget to download a file, ignoring SSL certificate errors
wget --no-check-certificate https://example.com/file.zip
While this method is straightforward and effective, it’s important to note that using --no-check-certificate
carries significant security risks. By bypassing certificate validation, you become vulnerable to man-in-the-middle attacks and cannot verify the authenticity of the server you’re connecting to (GNU Wget Security Considerations).
Source: https://scrapingant.com/blog/wget-ignore-ssl