Alpine Linux, wget, and ca-certificates
I’ve been working with Alpine Linux this week. This tiny Linux distribution is an excellent choice for a base docker image or, in my case, for a low power VPS. I love how easy and fast it is to install and configure this distribution.
One stumbling block that I ran into was downloading random things from the internet with wget.
Unable to locally verify the issuer's authority.
To connect to dl.eff.org insecurely, use `--no-check-certificate'
I saw this timely tweet by Joe Gross the other day and decided that rather than ignoring the error messages that wget was throwing I would go and figure out what was wrong.
It turns out that when you make an 83MB distribution you need to cut some of the fat. The ca-certificates package that is common in every Linux Distribution under the sun is missing from the default installation of Alpine.
In order to resolve the angry warnings from wget, you can install the ca-certificates package with the following command:
apk -U add ca-certificates
This will make wget happy, and your server secure. In case you are wondering, skipping this step and running wget with –no-check-certificate totally works. However, it is also inviting a man in the middle attack. Don’t ever do this.
Thank you for reading! Share your thoughts with me on bluesky, mastodon, or via email.
Check out some more stuff to read down below.
Most popular posts this month
- 3 packs
- Coming of Age in the Craw
- Coursera Rails Module 2 Notes
- Growing the CircleCI Community with Discourse
- I sold all my shit
Recent Favorite Blog Posts
This is a collection of the last 8 posts that I bookmarked.
- DEP-18: A proposal for Git-based collaboration in Debian from Optimized by Otto
- [RIDGELINE] No Phones in The Ten-don Shop from Craig Mod — Writer + Photographer
- My next chapter with Mastodon from Mastodon Blog
- How many pillars of observability can you fit on the head of a pin? from charity.wtf
- The Software Essays that Shaped Me from Refactoring English
- Give Your Spouse the Gift of a Couple's Email Domain from mtlynch.io
- Skip the Next iPhone from Articles on Jose M.
- Have smart glasses finally hit an inflection point? from The Torment Nexus
Articles from blogs I follow around the net
Pluralistic: Meta's new top EU regulator is contractually prohibited from hurting Meta's feelings (01 Dec 2025)
Today's links Meta's new top EU regulator is contractually prohibited from saying mean things about Meta: It's one thing to hire an ex-Meta lobbyist, another entirely if she's signed a non-disparagement contract. Hey look at this: Delights…
via Pluralistic: Daily links from Cory Doctorow December 1, 2025Getting Warmer
ESA/Hubble & NASA, ESO/ Lutz Wisotzki et al The early Universe as seen by the MUSE spectrograph on ESO’s Very Large Telescope. So first the Big Bang happens. Everything is incredibly hot and dense; there are photons flying everywhere, but they keep coll…
via Brian Koberlein December 1, 2025Recently
This’ll be the last Recently in 2025. It’s been a decent year for me, a pretty rough year for the rest of the world. I hope, for everyone, that 2026 sees the reversal of some of the current trends. Watching This video from Daniel Yang, who makes spectacular b…
via macwright.com December 1, 2025Generated by openring