# Can't fetch files from https links



## A0101 (Nov 2, 2015)

Hi, I was trying to install ports but the `fetch` command failed at every HTTPS links. I installed from fresh 10.2-RELEASE memstick image, and I also tried vm image but got the same error.

After the installation completed, I run the following steps:

1. `freebsd-update fetch`
2. `freebsd-update install`
3. `portsnap fetch`
4. `portsnap extract`

Then change to ports directory, run `make config` then `make install`


```
root@:/usr/ports/www/seahub # make install clean
===>  License APACHE20 accepted by the user
===>  Found saved configuration for seahub-4.0.5_1
===>   seahub-4.0.5_1 depends on file: /usr/local/sbin/pkg - found
=> haiwen-seahub-v4.0.5-pro_GH0.tar.gz doesn't seem to exist in /usr/ports/distfiles/seahub.
=> Attempting to fetch https://codeload.github.com/haiwen/seahub/tar.gz/v4.0.5-pro?dummy=/haiwen-seahub-v4.0.5-pro_GH0.tar.gz
675161644:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782:
fetch: https://codeload.github.com/haiwen/seahub/tar.gz/v4.0.5-pro?dummy=/haiwen-seahub-v4.0.5-pro_GH0.tar.gz: Authentication error
```

Googling around and looks like it's related to `ca_root_nss` missing package, but I've installed it


```
# pkg info ca_root_nss
ca_root_nss-3.20
Name           : ca_root_nss
Version        : 3.20
Installed on   : Mon Nov  2 14:31:44 ICT 2015
Origin         : security/ca_root_nss
Architecture   : freebsd:10:*
Prefix         : /usr/local
Categories     : security
Licenses       : MPL
Maintainer     : gecko@FreeBSD.org
WWW            : UNKNOWN
Comment        : Root certificate bundle from the Mozilla Project
Options        :
        ETCSYMLINK     : on
Annotations    :
Flat size      : 939KiB
Description    :
Root certificates from certificate authorities included in the Mozilla
NSS library and thus in Firefox and Thunderbird.

This port directly tracks the version of NSS in the security/nss port.
```

Sym links are correct


```
# ls -l /etc/ssl/cert.pem
lrwxr-xr-x  1 root  wheel  38 Nov  2 14:31 /etc/ssl/cert.pem -> /usr/local/share/certs/ca-root-nss.crt

# ls -l /usr/local/etc/ssl/cert.pem
lrwxr-xr-x  1 root  wheel  38 Nov  2 16:02 /usr/local/etc/ssl/cert.pem -> /usr/local/share/certs/ca-root-nss.crt
```

Though I can download the links manually but it's PITA to do. I'm not sure what's broken, and what could I do to fix this?

Thanks for your input.


----------



## Anjar Wmk (Nov 5, 2015)

Did you connect through proxy ?


----------



## drTr0jan (Nov 30, 2015)

Yes, I'm connecting via proxy and have same problem.
But wget downloads the file successfully.


----------

