Created
August 12, 2016 23:40
-
-
Save telamonian/875affc6e16cba8b8be08850c982555a to your computer and use it in GitHub Desktop.
Working around SSL certificate issues in homebrew cask
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Today I tried to install latexit using brew cask but couldn't: | |
| $ brew cask install latexit | |
| ... | |
| curl: (60) SSL certificate problem: Invalid certificate chain | |
| ... | |
| Error: Download failed on Cask 'latexit' with message: Download failed: https://www.chachatelier.fr/latexit/downloads/LaTeXiT-2_8_1.dmg | |
| Turns out that https://www.chachatelier.fr let their SSL certificate expire about a week ago. I still wanted to install latexit using brew, so here's what I did: | |
| - Opened /usr/local/Library/Taps/caskroom/homebrew-cask/lib/hbc/download_strategy.rb | |
| - Found the function `cask_curl_args` | |
| def cask_curl_args | |
| default_curl_args.tap do |args| | |
| args.concat(user_agent_args) | |
| args.concat(cookies_args) | |
| args.concat(referer_args) | |
| end | |
| end | |
| - Added the "insecure" option to the args: | |
| def cask_curl_args | |
| default_curl_args.tap do |args| | |
| args.concat(user_agent_args) | |
| args.concat(cookies_args) | |
| args.concat(referer_args) | |
| args.concat(["-k"]) | |
| end | |
| end | |
| The -k or --insecure flag turns off SSL certificate checking when passed to curl. Granted, this isn't the safest thing to do, so don't make this a permanent modification. In this case it seemed pretty clear what had happened (lapsed certificate renewal), and the download still passed it's checksum, so it seems like all is well. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment