[coreboot] wget fails to fetch from acpica.org
ray at se-eng.com
Sat May 12 00:18:58 CEST 2012
I ran into an issue yesterday with wget fetching the source packages for
the iasl build from the acpica.org website. It seems that they have
changed their SSL implementation. Specifically, this site, as of
yesterday, uses TLS-SNI on the backend. Wget versions that I have
tried, 1.12 and the latest 1.13.4, fail with:
ERROR: cannot verify www.acpica.org's certificate, issued by
Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure
Issued certificate has expired.
ERROR: certificate common name `ofono.org' doesn't match requested host
To connect to www.acpica.org insecurely, use `--no-check-certificate'.
The suggestion back from acpica.org is to use curl, which can properly
handle TLS-SNI. It appears that there may be patches around for
TLS-SNI implementation within wget. So, as an alternative, we can build
our own wget in coreboot. Or, we could simply pass in
In any case, it seems that a change needs to be made to the buildgcc
script to get iasl to build. Does anyone have a preference on direction
for this change?
More information about the coreboot