Personal dietpi-banner problem

Falconcrest · 13 December 2024 18:32

I have a problem with curl and dietpi-banner.

Under dietpi-banner I have created an info with the following content under custum banner with the help of the forum here.

echo -e "Kernel | OS Release | Weather\n   Kernel : $(uname -r)\n   OS Release : $(cat /etc/debian_version)\n   Weather : $(curl -sSfLm 3 https://wttr.in/Falkensee?format=4)"

There now seem to be problems with curl on all my DietPi installations.

The output of dietpi-banner looks like this:

Info : curl: (60) SSL certificate problem: certificate has expired
More details here: curl - SSL CA Certificates

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

I have to admit that I don’t understand any of this and would like to ask politely what a solution to the problem might look like.
The site https://curl.se/docs/sslcerts.html
doesn’t really help me personally…

Many thanks in advance!

pulpe · 13 December 2024 18:41

Website certificate expired two days ago. You could try to add k switch to curl command to ignore certificate check.

Falconcrest · 13 December 2024 18:44

Thank you for your feedback.
However, if you look at the website described, this is not recommended under any circumstances.
So this would seem to be “only” a temporary solution.
Is there possibly also a safe adjustment?

pulpe · 13 December 2024 18:51

Problem is on the website, they need to renew certificate. Only solition for you now is to ignore the certificate.

Joulinar · 13 December 2024 18:57

Yes this has nothing to do with DietPi. It’s the website you are trying to reach. Simply open https://wttr.in on your Desktop and you will receive the SSL warning. Nothing we can do on this.

Falconcrest · 13 December 2024 19:25

I already thought it wasn’t DietPi.
Of course it works with the -k option.
Are the certificates renewed automatically or do I have to take action? So far it has worked and the expired certificates must have come from somewhere.

Joulinar · 13 December 2024 19:41

Is https://wttr.in owned by you? If not, nothing you can do except contacting web site owner

Falconcrest · 13 December 2024 20:45

Of course I am not the owner!
Then let’s leave it at that. Thank you!

MichaIng · 16 December 2024 13:17

We use the same website for the native whether output of the DietPi banner . Interestingly it can be accessed well via browser. We faced it in some other cases, when websites updated their Let’s Encrypt certificates a weird way, after they moved to their own R3 intermediate CA. Somehow the old invalid one is still shipped by default, but browsers seem to have implemented some workaround to pull the correct one or so.

Which Debian version do you use? Bookworm or still Bullseye?

Joulinar · 16 December 2024 13:32

certificate has been issues on December 13th. I guess it was invalid for 2 days only

MichaIng · 16 December 2024 14:10

Ah okay, makes sense then.

Falconcrest · 16 December 2024 21:45

Almost all installations are based on Bookworm. But in the meantime, the whole spook seems to be over!