Hi. On Mon, May 04, 2020 at 09:27:14AM +0200, Mark Jonas wrote: > >> >> curl: (60) SSL certificate problem: unable to get local issuer > >> >> certificate > >> >> > >> >> Does that mean a TLS library does not feature all required protocols on > >> >> armhf? > >> > > >> > TLS library that curl uses (openssl) is perfectly fine, but it cannot > >> > validate any certificate unless you provide it with root CA > >> > certificates. > >> > So it likely means you haven't installed "ca-certificates" package. > >> > >> This is what it looks like. But actually I installed ca-certificates. > > > > Ok. Can you run tcpdump while you're running curl? > > Specifically, > > > > tcpdump -s0 -pnni any -w /tmp/curl.pcap tcp port 443 > > I tried to dump from within the running container but failed.
It's way too complicated. Docker is basically a one big NAT, so please run tcpdump on a host instead. But this hiccup gave me an idea - maybe libssl on armhf is perfectly fine, but it's qemu which fails to emulate certain CPU instruction. Reco
