Solution: cannot verify github.com’s certificate, issued by `/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV CA-1′:

I was trying to making an .APK file for Android using python-for-android provided by tito on Github. When I completed the installation of prequisities and start the process of makin the .apk file of example kivy application(see www.kivy.org for examples), I came across this issue:

cannot verify github.com’s certificate, issued by `/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV CA-1′:

I tried the same on other linux machines whose operation systems are Ubuntu and Linux Mint and both gave me the same error. The terminal also suggest that when the program trying to make a ssl connection, add –no-check-certificate argument to it and it will pass the controlling certificate. I tried this:

./distribute.sh -m "kivy" --no-check-certificate

It gave me another error which says that distribute.sh does not have –no-check-certificate option. After all, I realized that this option belongs to wget. So, if you are using wget and getting some error like that, you can try this option and it will probably solve your problem. Otherwise, if you are not utilizing wget directly, you have to find in your program file(here it is distribute.sh) wget prompts and add “–no-check-certificate” to them. In python-for-android, I have made somethink like this:

The last line of this was changed:

# download if needed
        if [ $do_download -eq 1 ]; then
            info "Downloading $url"
            try $WGET $url

The final state of the sh code is:

# download if needed
        if [ $do_download -eq 1 ]; then
            info "Downloading $url"
            info "You can add a message here in order to understand what did you change last time."
            try $WGET --no-check-certificate $url

As seen in the code, I have added a line and changed a part of the last line. The purpose of the adding is being aware of what we did last time when we will use this in future. In the last line, of course, added the –no-check-certificate option to wget command.

sa

 
comments powered by Disqus