connection failed due to UnknownIssuer

[karl19]

Silly question, do we know why it fails to download from github, but meantime can cUrl? Obviously im behind corp firewall.

tldr nvm

info: cache is empty, downloading...
info: downloading 'tldr.sha256sums'... FAILED
error: https://github.com/tldr-pages/tldr/releases/latest/download/tldr.sha256sums: **Connection Failed: tls connection init failed: invalid peer certificate: UnknownIssuer**

curl -I https://github.com/tldr-pages/tldr/releases/latest/download/tldr.sha256sums

HTTP/1.1 302 Found
Server: GitHub.com
Date: Mon, 06 May 2024 23:49:11 GMT
Content-Type: text/html; charset=utf-8
Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
Location: https://github.com/tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
Set-Cookie: _gh_sess=1Ojsm6%2Fl9GnPMkI1RxozkfSHPo%2F6OBGcv%2BT9sf3O6rarGnb%2B%2BRcC1EpJV5dvLmoyG4w5m%2FmZd6UcdASShynuHW5zqe%2BBxLzXjEbK%2BlwplQbRuQSZW5hTbredtxuJ5az0rMZchRZ5Ot%2BxjUAEMWg4qa0u1KmDDUpZhsXEeehq6khIVbaSLqdkDD7XZKF7VKmmMCbdb1HhNtZdhz%2BqJtlurShHA1LTe6tqaJUDN3wINqFvUPOXDD%2BY6rlVgQ%2B76KhXPIpJ%2B%2FL474uZENG5Q5nfsw%3D%3D--s%2BgR4UZY7suTEnjA--TS9Vk%2FQzf%2FwykXOB5PblWA%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
Set-Cookie: _octo=GH1.1.79770719.1715039351; Path=/; Domain=github.com; Expires=Tue, 06 May 2025 23:49:11 GMT; Secure; SameSite=Lax
Set-Cookie: logged_in=no; Path=/; Domain=github.com; Expires=Tue, 06 May 2025 23:49:11 GMT; HttpOnly; Secure; SameSite=Lax
Content-Length: 0
X-GitHub-Request-Id: 47F2:1FBACE:1DC27E3:2127566:66396C77

[acuteenvy]

I think it's because the HTTP library used by tlrc doesn't pick up your SSL certificates by default. I've enabled that feature in 3092e01 - could you compile the latest version from the main branch and test if it works for you?

[karl19]

@acuteenvy still no luck, no matter what i do i got below (running from the latest rust image)

root@cae66abe3157:~/tlrc# cargo build
    Updating crates.io index
error: failed to get `clap` as a dependency of package `tlrc v1.9.2 (/root/tlrc)`

Caused by:
  download of config.json failed

Caused by:
  failed to download from `https://index.crates.io/config.json`

Caused by:
  [60] SSL peer certificate or SSH remote key was not OK (SSL certificate problem: self signed certificate in certificate chain)

[acuteenvy]

Are you actually using a self-signed certificate or is there a CA that you can include in the image to solve this problem? curl should also complain about self-signed certificates if you run it in this image, unless you use --insecure.

[karl19]

@acuteenvy i've actually mounted from my local cert folder and copied them all over to /etc/ssl/certs/ in above attempt

[acuteenvy]

Could you send the output of curl -Lv https://github.com/tldr-pages/tldr/releases/latest/download/tldr.sha256sums in the container and outside?

[mj-crabtree]

Hello! I'm also having this issue after installing via cargo and again after compiling and running from the main branch with the release profile. I went ahead and followed the instructions in this thread to no avail, but here's the output I captured after running url -Lv https://github.com/tldr-pages/tldr/releases/latest/download/tldr.sha256sums:

9ea8960e4dc616f9d7b0e9a8e37dd701e0d823bf4116365457b0461af2ff683f  index.json
e680124ba2950081e5d6305f57a45e4091bfa3cfea3832c41f13759d92562cd2  tldr-pages.ar.zip
495b4ca6ed90281c1c53c44e38d3c09ce1b01fff635d018394c06810b1960f22  tldr-pages.bn.zip
c1239830e1235caaff48dd2594a63f6a383bec5dd9d3a2852a29bb70be18cf2a  tldr-pages.bs.zip
5a42a203777659f33264c6ea1f904bf27ac7f03560ab1dae2dd974fb81ba9dbf  tldr-pages.ca.zip
214b0824d11a28ac9635ccbe1f74612a15ab1227e3b083cacc296f42ed6898be  tldr-pages.cs.zip
b832dc3fc170907982ea857c26e5ab6724f52b00bbf6aed8aa118221f505d612  tldr-pages.da.zip
e2ef3d3fde956786559c705ad14f319fd11ad65a410f5079ac0ff4a4639e4d3b  tldr-pages.de.zip
56f2c2813ee68ed65540dbca9864eada031a262b63b4d1f8c8984d2bff769786  tldr-pages.en.zip
52df09db7420cc5b22d5a6a394918a0e0951b71a57fe7b6bb31cf3c168640b82  tldr-pages.es.zip
a8f2588e8e1bc35753a2417834fc8c0f073fa9061f4bdf19bbe2cb87d8485651  tldr-pages.fa.zip
1ed04fc82703d1ceda30623ffbfb991533ad89a2b8ec123f433d247b461647ae  tldr-pages.fi.zip
809ec003698e7cd051ceb81a5d3daf01aeefbe45b9017e7521ffef80e6fad548  tldr-pages.fr.zip
feae2db5130e54bd8b4c8fd77f0d3e76e33541a63560ad7a5733860f467511cb  tldr-pages.hi.zip
c21bec44c419e09fb019301022325fc80163b78fbfeda7c4701c6ee282cc51df  tldr-pages.id.zip
f375dc5405075575f447719fb9d552d2ad96550b23b078b00904e4d40a3bdb3b  tldr-pages.it.zip
49ffe08810a68f0e1a19d71e0f38ac6e74d38595866d2857482f4b1f2f1b2805  tldr-pages.ja.zip
fcd8f32a3d4cb31d9fb6294f69c8537bee65253fd2f8f91a12002757c26ff2ab  tldr-pages.ko.zip
653d79e5409a45c85c329f774eb543c53982631ce76c6bf931d95344d2e6e047  tldr-pages.lo.zip
4ab74e206a3255e69b793ae5ed59689befd15dc8e481bd6a620d046806abd86f  tldr-pages.ml.zip
b5642d5f9e9522b94aaeb9adee0f484f6efc854ab3193e0a840f6b20f1734154  tldr-pages.ne.zip
5878d017f733ae7979649f68d02db1f99cbcd9f7f941ae4bb0b3d9cb801748f4  tldr-pages.nl.zip
84dafdb26ac97238028c9832a056eb96292a5c316615fc258a710a39178ee3f1  tldr-pages.no.zip
72725efb3fd0d09fff488f95a5f947c0e15d6db791e6eff6a949e2401c14a55e  tldr-pages.pl.zip
8377597e94fbf271672dcf3253dfca020282e6da3d90e7591753456b54e55d20  tldr-pages.pt_BR.zip
49429b5ad9b2803b7dd776cb16f21d68dacf48d9a16c143daa30de152782837c  tldr-pages.pt_PT.zip
e17e4ea482e7ab06faafe540b2816175cbcfe50f94027927c39c7e4c5f8421c6  tldr-pages.ro.zip
16136205ef16116bfc045ecf936d84ee61a0fa4846ac58b00033ee0c7218345c  tldr-pages.ru.zip
23959d21a5ed71a14b3de758be157e2b7df7e68c334817b5e0f7aaa02ca09f9a  tldr-pages.sh.zip
c1b79a87edf9de309a90fa1f7dcfec1371091aff58992bec05de54b89d2b5362  tldr-pages.sr.zip
fe947c1d79aa47956fd07fc1d91aef57b675eba1c93d2cd27d26699b0e584aad  tldr-pages.sv.zip
e04c2dab2ba4edec6a6660cddbc76b1f05c543fc4cb127c9b79acef94e52de93  tldr-pages.ta.zip
bce11db172d97f5dc151e58407693e8abbdc9bb442f0a75001270839ef901ad1  tldr-pages.th.zip
60af256253e8d971fcbba13ce97f4c30dd181ead0313370844a4d2a739e1900c  tldr-pages.tr.zip
ed46a6ace2756845376abb809f617c0471c5ae88605fb5e0486d091f6027c1dd  tldr-pages.uk.zip
8aa3a69a2c528a8efa3b36bc04a72dd747186003979a1fa204c3484b4edfd8d1  tldr-pages.uz.zip
6884a1df655ffe7f51e6334e022189cf208d079ee7d8b2824b5068094decb265  tldr-pages.zh.zip
5f98d7589b09d3b3ed44b7904938487c513a3f1fdb94f9af8923369802f05a5f  tldr-pages.zh_TW.zip
56f2c2813ee68ed65540dbca9864eada031a262b63b4d1f8c8984d2bff769786  tldr-pages.zip
c03cb6c4332e8bf860fd5a4a1cf0d6331222994478cfe06e9eb2df767882650a  tldr.zip

Let me know if I can be of any assistance!

[acuteenvy]

Did you actually use the -v option? I'm interested in what curl is doing to reach GitHub, not in the contents of the file.

For reference, here's the output of the command on my system

* Host github.com:443 was resolved.
* IPv6: (none)
* IPv4: 140.82.121.4
*   Trying 140.82.121.4:443...
* Connected to github.com (140.82.121.4) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / x25519 / id-ecPublicKey
* ALPN: server accepted h2
* Server certificate:
*  subject: CN=github.com
*  start date: Mar  7 00:00:00 2024 GMT
*  expire date: Mar  7 23:59:59 2025 GMT
*  subjectAltName: host "github.com" matched cert's "github.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo ECC Domain Validation Secure Server CA
*  SSL certificate verify ok.
*   Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
*   Certificate level 1: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA384
*   Certificate level 2: Public key type EC/secp384r1 (384/192 Bits/secBits), signed using ecdsa-with-SHA384
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://github.com/tldr-pages/tldr/releases/latest/download/tldr.sha256sums
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: github.com]
* [HTTP/2] [1] [:path: /tldr-pages/tldr/releases/latest/download/tldr.sha256sums]
* [HTTP/2] [1] [user-agent: curl/8.9.1]
* [HTTP/2] [1] [accept: */*]
> GET /tldr-pages/tldr/releases/latest/download/tldr.sha256sums HTTP/2
> Host: github.com
> User-Agent: curl/8.9.1
> Accept: */*
>
* Request completely sent off
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
< HTTP/2 302
< server: GitHub.com
< date: Tue, 13 Aug 2024 19:10:12 GMT
< content-type: text/html; charset=utf-8
< vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
< location: https://github.com/tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums
< cache-control: no-cache
< strict-transport-security: max-age=31536000; includeSubdomains; preload
< x-frame-options: deny
< x-content-type-options: nosniff
< x-xss-protection: 0
< referrer-policy: no-referrer-when-downgrade
< content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
< set-cookie: _gh_sess=gVLyZ69WWXAb9MxxTQ%2B0ChX7trTJxT6mJ%2FJ%2FiVj3uTdoLiBjooJVawvEftXwk0wFjdS%2FHwBfVN44xB3lFkhVwyLLDh2z19Y6Rjnjk1whsKAN3ROmn3VQcVmrOcokoxQhzk2H%2FGsTAGQA7P1VFTKhlLVWQASbeRV5fsloMfOTWIzkHfIbFWWZzsQtKjF1HkWLaHf701ph9LEMX5OEMunJnRfiQaH44cJJkriBD3QfNHs6nJkN0J%2BAkI6%2BB7V8B%2F8r02O%2B5%2FiPAeeIiRDWig4nVw%3D%3D--dP3RIm4MHoDyosFE--sUimgtikt%2FhsDvuF5J713g%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
< set-cookie: _octo=GH1.1.1339054795.1723576241; Path=/; Domain=github.com; Expires=Wed, 13 Aug 2025 19:10:41 GMT; Secure; SameSite=Lax
< set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Wed, 13 Aug 2025 19:10:41 GMT; HttpOnly; Secure; SameSite=Lax
< content-length: 0
< x-github-request-id: FE12:3DAB5E:3F462E2:4073A06:66BBAFB1
* Ignoring the response-body
<
* Connection #0 to host github.com left intact
* Issue another request to this URL: 'https://github.com/tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums'
* Found bundle for host: 0x59db46310350 [can multiplex]
* Re-using existing connection with host github.com
* [HTTP/2] [3] OPENED stream for https://github.com/tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums
* [HTTP/2] [3] [:method: GET]
* [HTTP/2] [3] [:scheme: https]
* [HTTP/2] [3] [:authority: github.com]
* [HTTP/2] [3] [:path: /tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums]
* [HTTP/2] [3] [user-agent: curl/8.9.1]
* [HTTP/2] [3] [accept: */*]
> GET /tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums HTTP/2
> Host: github.com
> User-Agent: curl/8.9.1
> Accept: */*
>
* Request completely sent off
< HTTP/2 302
< server: GitHub.com
< date: Tue, 13 Aug 2024 19:10:12 GMT
< content-type: text/html; charset=utf-8
< vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
< location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/15019962/8e45a6df-c460-45e2-b0ad-91e0054d12ab?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240813%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240813T191012Z&X-Amz-Expires=300&X-Amz-Signature=76fbf00013e51d6ad5b7afae39fc4ba2e458aa4eb174c16c99bc05397fdb9e67&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=15019962&response-content-disposition=attachment%3B%20filename%3Dtldr.sha256sums&response-content-type=application%2Foctet-stream
< cache-control: no-cache
< strict-transport-security: max-age=31536000; includeSubdomains; preload
< x-frame-options: deny
< x-content-type-options: nosniff
< x-xss-protection: 0
< referrer-policy: no-referrer-when-downgrade
< content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
< content-length: 0
< x-github-request-id: FE12:3DAB5E:3F46317:4073A2E:66BBAFB1
* Ignoring the response-body
<
* Connection #0 to host github.com left intact
* Issue another request to this URL: 'https://objects.githubusercontent.com/github-production-release-asset-2e65be/15019962/8e45a6df-c460-45e2-b0ad-91e0054d12ab?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240813%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240813T191012Z&X-Amz-Expires=300&X-Amz-Signature=76fbf00013e51d6ad5b7afae39fc4ba2e458aa4eb174c16c99bc05397fdb9e67&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=15019962&response-content-disposition=attachment%3B%20filename%3Dtldr.sha256sums&response-content-type=application%2Foctet-stream'
* Host objects.githubusercontent.com:443 was resolved.
* IPv6: (none)
* IPv4: 185.199.110.133, 185.199.108.133, 185.199.109.133, 185.199.111.133
*   Trying 185.199.110.133:443...
* Connected to objects.githubusercontent.com (185.199.110.133) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / x25519 / RSASSA-PSS
* ALPN: server accepted h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.io
*  start date: Mar 15 00:00:00 2024 GMT
*  expire date: Mar 14 23:59:59 2025 GMT
*  subjectAltName: host "objects.githubusercontent.com" matched cert's "*.githubusercontent.com"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
*  SSL certificate verify ok.
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 2: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://objects.githubusercontent.com/github-production-release-asset-2e65be/15019962/8e45a6df-c460-45e2-b0ad-91e0054d12ab?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240813%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240813T191012Z&X-Amz-Expires=300&X-Amz-Signature=76fbf00013e51d6ad5b7afae39fc4ba2e458aa4eb174c16c99bc05397fdb9e67&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=15019962&response-content-disposition=attachment%3B%20filename%3Dtldr.sha256sums&response-content-type=application%2Foctet-stream
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: objects.githubusercontent.com]
* [HTTP/2] [1] [:path: /github-production-release-asset-2e65be/15019962/8e45a6df-c460-45e2-b0ad-91e0054d12ab?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240813%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240813T191012Z&X-Amz-Expires=300&X-Amz-Signature=76fbf00013e51d6ad5b7afae39fc4ba2e458aa4eb174c16c99bc05397fdb9e67&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=15019962&response-content-disposition=attachment%3B%20filename%3Dtldr.sha256sums&response-content-type=application%2Foctet-stream]
* [HTTP/2] [1] [user-agent: curl/8.9.1]
* [HTTP/2] [1] [accept: */*]
> GET /github-production-release-asset-2e65be/15019962/8e45a6df-c460-45e2-b0ad-91e0054d12ab?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240813%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240813T191012Z&X-Amz-Expires=300&X-Amz-Signature=76fbf00013e51d6ad5b7afae39fc4ba2e458aa4eb174c16c99bc05397fdb9e67&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=15019962&response-content-disposition=attachment%3B%20filename%3Dtldr.sha256sums&response-content-type=application%2Foctet-stream HTTP/2
> Host: objects.githubusercontent.com
> User-Agent: curl/8.9.1
> Accept: */*
>
* Request completely sent off
< HTTP/2 200
< content-type: application/octet-stream
< last-modified: Tue, 13 Aug 2024 17:49:13 GMT
< etag: "0x8DCBBC03E7A797F"
< server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
< x-ms-request-id: dd2e28a4-301e-006c-52a9-ed0ac2000000
< x-ms-version: 2020-10-02
< x-ms-creation-time: Tue, 13 Aug 2024 17:49:13 GMT
< x-ms-lease-status: unlocked
< x-ms-lease-state: available
< x-ms-blob-type: BlockBlob
< content-disposition: attachment; filename=tldr.sha256sums
< x-ms-server-encrypted: true
< via: 1.1 varnish, 1.1 varnish
< fastly-restarts: 1
< accept-ranges: bytes
< date: Tue, 13 Aug 2024 19:10:42 GMT
< age: 245
< x-served-by: cache-iad-kiad7000026-IAD, cache-ams2100093-AMS
< x-cache: HIT, HIT
< x-cache-hits: 13, 1
< x-timer: S1723576242.930651,VS0,VE1
< content-length: 3350
<
74754ea3a36704cb3f0e677096b86300202b8a044399e9285eb59c217d73bb89  index.json
e680124ba2950081e5d6305f57a45e4091bfa3cfea3832c41f13759d92562cd2  tldr-pages.ar.zip
495b4ca6ed90281c1c53c44e38d3c09ce1b01fff635d018394c06810b1960f22  tldr-pages.bn.zip
c1239830e1235caaff48dd2594a63f6a383bec5dd9d3a2852a29bb70be18cf2a  tldr-pages.bs.zip
5a42a203777659f33264c6ea1f904bf27ac7f03560ab1dae2dd974fb81ba9dbf  tldr-pages.ca.zip
214b0824d11a28ac9635ccbe1f74612a15ab1227e3b083cacc296f42ed6898be  tldr-pages.cs.zip
b832dc3fc170907982ea857c26e5ab6724f52b00bbf6aed8aa118221f505d612  tldr-pages.da.zip
5f80d9433170043c53069cfd25a78965b4bd4b459c15bf0e1e44a5bcd6cd99a8  tldr-pages.de.zip
d7d92d2af5eefa54b07317ad7aadbb234275f20cf3ce721e9db467ddca4e4132  tldr-pages.en.zip
52df09db7420cc5b22d5a6a394918a0e0951b71a57fe7b6bb31cf3c168640b82  tldr-pages.es.zip
a8f2588e8e1bc35753a2417834fc8c0f073fa9061f4bdf19bbe2cb87d8485651  tldr-pages.fa.zip
1ed04fc82703d1ceda30623ffbfb991533ad89a2b8ec123f433d247b461647ae  tldr-pages.fi.zip
809ec003698e7cd051ceb81a5d3daf01aeefbe45b9017e7521ffef80e6fad548  tldr-pages.fr.zip
feae2db5130e54bd8b4c8fd77f0d3e76e33541a63560ad7a5733860f467511cb  tldr-pages.hi.zip
c21bec44c419e09fb019301022325fc80163b78fbfeda7c4701c6ee282cc51df  tldr-pages.id.zip
f375dc5405075575f447719fb9d552d2ad96550b23b078b00904e4d40a3bdb3b  tldr-pages.it.zip
49ffe08810a68f0e1a19d71e0f38ac6e74d38595866d2857482f4b1f2f1b2805  tldr-pages.ja.zip
fcd8f32a3d4cb31d9fb6294f69c8537bee65253fd2f8f91a12002757c26ff2ab  tldr-pages.ko.zip
653d79e5409a45c85c329f774eb543c53982631ce76c6bf931d95344d2e6e047  tldr-pages.lo.zip
c2d18d5cfff85209146e9e60467441f5ebac45fe34adc05b77575b5914ab389d  tldr-pages.ml.zip
b5642d5f9e9522b94aaeb9adee0f484f6efc854ab3193e0a840f6b20f1734154  tldr-pages.ne.zip
5878d017f733ae7979649f68d02db1f99cbcd9f7f941ae4bb0b3d9cb801748f4  tldr-pages.nl.zip
84dafdb26ac97238028c9832a056eb96292a5c316615fc258a710a39178ee3f1  tldr-pages.no.zip
72725efb3fd0d09fff488f95a5f947c0e15d6db791e6eff6a949e2401c14a55e  tldr-pages.pl.zip
2dd9b0968f4865f9296a1e8f7ffac2531f29e6da6295f462a751b1bbaa43016b  tldr-pages.pt_BR.zip
49429b5ad9b2803b7dd776cb16f21d68dacf48d9a16c143daa30de152782837c  tldr-pages.pt_PT.zip
e17e4ea482e7ab06faafe540b2816175cbcfe50f94027927c39c7e4c5f8421c6  tldr-pages.ro.zip
fb2b137134da07227e8c1618677fcb1ceec6677b1330decb747ca0d85cd1b153  tldr-pages.ru.zip
23959d21a5ed71a14b3de758be157e2b7df7e68c334817b5e0f7aaa02ca09f9a  tldr-pages.sh.zip
c1b79a87edf9de309a90fa1f7dcfec1371091aff58992bec05de54b89d2b5362  tldr-pages.sr.zip
fe947c1d79aa47956fd07fc1d91aef57b675eba1c93d2cd27d26699b0e584aad  tldr-pages.sv.zip
e04c2dab2ba4edec6a6660cddbc76b1f05c543fc4cb127c9b79acef94e52de93  tldr-pages.ta.zip
bce11db172d97f5dc151e58407693e8abbdc9bb442f0a75001270839ef901ad1  tldr-pages.th.zip
60af256253e8d971fcbba13ce97f4c30dd181ead0313370844a4d2a739e1900c  tldr-pages.tr.zip
ed46a6ace2756845376abb809f617c0471c5ae88605fb5e0486d091f6027c1dd  tldr-pages.uk.zip
8aa3a69a2c528a8efa3b36bc04a72dd747186003979a1fa204c3484b4edfd8d1  tldr-pages.uz.zip
15c2925931ab0716941cba265117350e36982a53ffeec9a42bfd8eb33a3bc43c  tldr-pages.zh.zip
5f98d7589b09d3b3ed44b7904938487c513a3f1fdb94f9af8923369802f05a5f  tldr-pages.zh_TW.zip
d7d92d2af5eefa54b07317ad7aadbb234275f20cf3ce721e9db467ddca4e4132  tldr-pages.zip
5b636b0c1de48f3f3cc2a8234eb7cf1ee73c7f37ae647845f52f503c9075a124  tldr.zip
* Connection #1 to host objects.githubusercontent.com left intact

[mj-crabtree]

My mistake!

Here's what you're after

*   Trying 20.26.156.215:443...
* Connected to github.com (20.26.156.215) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=github.com
*  start date: Mar  7 00:00:00 2024 GMT
*  expire date: Mar  7 23:59:59 2025 GMT
*  subjectAltName: host "github.com" matched cert's "github.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo ECC Domain Validation Secure Server CA
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x627cf6397eb0)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /tldr-pages/tldr/releases/latest/download/tldr.sha256sums HTTP/2
> Host: github.com
> user-agent: curl/7.81.0
> accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 302
< server: GitHub.com
< date: Tue, 13 Aug 2024 22:10:44 GMT
< content-type: text/html; charset=utf-8
< vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
< location: https://github.com/tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums
< cache-control: no-cache
< strict-transport-security: max-age=31536000; includeSubdomains; preload
< x-frame-options: deny
< x-content-type-options: nosniff
< x-xss-protection: 0
< referrer-policy: no-referrer-when-downgrade
< content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
< set-cookie: _gh_sess=veaBycwA9Vef1bryrdTYNQ6vVFfWcdphguNlDhHfPBZvXXBUDdf0BoEesCLPNRFPK907zAYeoxuQ2SNAsWQu7HrwRkALoS3ha6oT9EG1GbKamjLySsFR7qOFahQzskr1QJPSk9vAargHuK79VHtykI7ML0d4iQghSuYrCIfKmITpsm8C7lyUPUMXuFR5icGug7fWnE69yMEAolYArUcRv%2FNfTwrOW9Zptm00IShBSWz4nfCw6AxZaozF9D7gKJmB1F3zGDXk7bOo43%2BfiGn%2BqQ%3D%3D--SROnBd3oLJ8LNFsv--goZUWNz%2Bm7jJGLV3I84KGA%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
< set-cookie: _octo=GH1.1.2029551155.1723587043; Path=/; Domain=github.com; Expires=Wed, 13 Aug 2025 22:10:43 GMT; Secure; SameSite=Lax
< set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Wed, 13 Aug 2025 22:10:43 GMT; HttpOnly; Secure; SameSite=Lax
< content-length: 0
< x-github-request-id: B264:1C8C83:13A529C:159B26C:66BBD9E3
<
* Connection #0 to host github.com left intact
* Issue another request to this URL: 'https://github.com/tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums'
* Found bundle for host github.com: 0x627cf6391010 [can multiplex]
* Re-using existing connection! (#0) with host github.com
* Connected to github.com (20.26.156.215) port 443 (#0)
* Using Stream ID: 3 (easy handle 0x627cf6397eb0)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /tldr-pages/tldr/releases/download/v2.2/tldr.sha256sums HTTP/2
> Host: github.com
> user-agent: curl/7.81.0
> accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 302
< server: GitHub.com
< date: Tue, 13 Aug 2024 22:10:44 GMT
< content-type: text/html; charset=utf-8
< vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
< location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/15019962/e482162e-f4c5-441a-b53d-1da0e2e403a1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240813%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240813T221044Z&X-Amz-Expires=300&X-Amz-Signature=59cec69b47703792920d4a39323db07ca076acc36d412f11ee0d87879bd05665&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=15019962&response-content-disposition=attachment%3B%20filename%3Dtldr.sha256sums&response-content-type=application%2Foctet-stream
< cache-control: no-cache
< strict-transport-security: max-age=31536000; includeSubdomains; preload
< x-frame-options: deny
< x-content-type-options: nosniff
< x-xss-protection: 0
< referrer-policy: no-referrer-when-downgrade
< content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
< content-length: 0
< x-github-request-id: B264:1C8C83:13A52AC:159B285:66BBD9E4
<
* Connection #0 to host github.com left intact
* Issue another request to this URL: 'https://objects.githubusercontent.com/github-production-release-asset-2e65be/15019962/e482162e-f4c5-441a-b53d-1da0e2e403a1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240813%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240813T221044Z&X-Amz-Expires=300&X-Amz-Signature=59cec69b47703792920d4a39323db07ca076acc36d412f11ee0d87879bd05665&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=15019962&response-content-disposition=attachment%3B%20filename%3Dtldr.sha256sums&response-content-type=application%2Foctet-stream'
*   Trying 185.199.109.133:443...
* Connected to objects.githubusercontent.com (185.199.109.133) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=*.github.io
*  start date: Mar 15 00:00:00 2024 GMT
*  expire date: Mar 14 23:59:59 2025 GMT
*  subjectAltName: host "objects.githubusercontent.com" matched cert's "*.githubusercontent.com"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x627cf6397eb0)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /github-production-release-asset-2e65be/15019962/e482162e-f4c5-441a-b53d-1da0e2e403a1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240813%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240813T221044Z&X-Amz-Expires=300&X-Amz-Signature=59cec69b47703792920d4a39323db07ca076acc36d412f11ee0d87879bd05665&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=15019962&response-content-disposition=attachment%3B%20filename%3Dtldr.sha256sums&response-content-type=application%2Foctet-stream HTTP/2
> Host: objects.githubusercontent.com
> user-agent: curl/7.81.0
> accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 200
< content-type: application/octet-stream
< last-modified: Tue, 13 Aug 2024 21:59:08 GMT
< etag: "0x8DCBBE328258D8E"
< server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
< x-ms-request-id: ed34cc02-601e-0013-61cc-edc559000000
< x-ms-version: 2020-10-02
< x-ms-creation-time: Tue, 13 Aug 2024 21:59:08 GMT
< x-ms-lease-status: unlocked
< x-ms-lease-state: available
< x-ms-blob-type: BlockBlob
< content-disposition: attachment; filename=tldr.sha256sums
< x-ms-server-encrypted: true
< via: 1.1 varnish, 1.1 varnish
< fastly-restarts: 1
< accept-ranges: bytes
< age: 0
< date: Tue, 13 Aug 2024 22:10:44 GMT
< x-served-by: cache-iad-kcgs7200141-IAD, cache-lcy-eglc8600079-LCY
< x-cache: HIT, MISS
< x-cache-hits: 1, 0
< x-timer: S1723587044.340730,VS0,VE79
< content-length: 3350
<
1069df0a3c776068ce94f1a2cc5145620f6e3cfafae8bddeee68dc25c5ef3f27  index.json
e680124ba2950081e5d6305f57a45e4091bfa3cfea3832c41f13759d92562cd2  tldr-pages.ar.zip
495b4ca6ed90281c1c53c44e38d3c09ce1b01fff635d018394c06810b1960f22  tldr-pages.bn.zip
c1239830e1235caaff48dd2594a63f6a383bec5dd9d3a2852a29bb70be18cf2a  tldr-pages.bs.zip
5a42a203777659f33264c6ea1f904bf27ac7f03560ab1dae2dd974fb81ba9dbf  tldr-pages.ca.zip
214b0824d11a28ac9635ccbe1f74612a15ab1227e3b083cacc296f42ed6898be  tldr-pages.cs.zip
b832dc3fc170907982ea857c26e5ab6724f52b00bbf6aed8aa118221f505d612  tldr-pages.da.zip
5f80d9433170043c53069cfd25a78965b4bd4b459c15bf0e1e44a5bcd6cd99a8  tldr-pages.de.zip
de1a13d43c146a1f6ba7d6257cb887a8bfa7bcfa61fd6032cbbd7d01debe337c  tldr-pages.en.zip
74499741c41cf215acf308309f5a94878793dd7dfb8ad5f00a0963eb9b59674e  tldr-pages.es.zip
* TLSv1.2 (IN), TLS header, Supplemental data (23):
a8f2588e8e1bc35753a2417834fc8c0f073fa9061f4bdf19bbe2cb87d8485651  tldr-pages.fa.zip
1ed04fc82703d1ceda30623ffbfb991533ad89a2b8ec123f433d247b461647ae  tldr-pages.fi.zip
809ec003698e7cd051ceb81a5d3daf01aeefbe45b9017e7521ffef80e6fad548  tldr-pages.fr.zip
feae2db5130e54bd8b4c8fd77f0d3e76e33541a63560ad7a5733860f467511cb  tldr-pages.hi.zip
c21bec44c419e09fb019301022325fc80163b78fbfeda7c4701c6ee282cc51df  tldr-pages.id.zip
f375dc5405075575f447719fb9d552d2ad96550b23b078b00904e4d40a3bdb3b  tldr-pages.it.zip
49ffe08810a68f0e1a19d71e0f38ac6e74d38595866d2857482f4b1f2f1b2805  tldr-pages.ja.zip
fcd8f32a3d4cb31d9fb6294f69c8537bee65253fd2f8f91a12002757c26ff2ab  tldr-pages.ko.zip
653d79e5409a45c85c329f774eb543c53982631ce76c6bf931d95344d2e6e047  tldr-pages.lo.zip
c2d18d5cfff85209146e9e60467441f5ebac45fe34adc05b77575b5914ab389d  tldr-pages.ml.zip
b5642d5f9e9522b94aaeb9adee0f484f6efc854ab3193e0a840f6b20f1734154  tldr-pages.ne.zip
5878d017f733ae7979649f68d02db1f99cbcd9f7f941ae4bb0b3d9cb801748f4  tldr-pages.nl.zip
84dafdb26ac97238028c9832a056eb96292a5c316615fc258a710a39178ee3f1  tldr-pages.no.zip
72725efb3fd0d09fff488f95a5f947c0e15d6db791e6eff6a949e2401c14a55e  tldr-pages.pl.zip
2dd9b0968f4865f9296a1e8f7ffac2531f29e6da6295f462a751b1bbaa43016b  tldr-pages.pt_BR.zip
49429b5ad9b2803b7dd776cb16f21d68dacf48d9a16c143daa30de152782837c  tldr-pages.pt_PT.zip
* TLSv1.2 (IN), TLS header, Supplemental data (23):
e17e4ea482e7ab06faafe540b2816175cbcfe50f94027927c39c7e4c5f8421c6  tldr-pages.ro.zip
fb2b137134da07227e8c1618677fcb1ceec6677b1330decb747ca0d85cd1b153  tldr-pages.ru.zip
23959d21a5ed71a14b3de758be157e2b7df7e68c334817b5e0f7aaa02ca09f9a  tldr-pages.sh.zip
c1b79a87edf9de309a90fa1f7dcfec1371091aff58992bec05de54b89d2b5362  tldr-pages.sr.zip
fe947c1d79aa47956fd07fc1d91aef57b675eba1c93d2cd27d26699b0e584aad  tldr-pages.sv.zip
e04c2dab2ba4edec6a6660cddbc76b1f05c543fc4cb127c9b79acef94e52de93  tldr-pages.ta.zip
bce11db172d97f5dc151e58407693e8abbdc9bb442f0a75001270839ef901ad1  tldr-pages.th.zip
60af256253e8d971fcbba13ce97f4c30dd181ead0313370844a4d2a739e1900c  tldr-pages.tr.zip
ed46a6ace2756845376abb809f617c0471c5ae88605fb5e0486d091f6027c1dd  tldr-pages.uk.zip
8aa3a69a2c528a8efa3b36bc04a72dd747186003979a1fa204c3484b4edfd8d1  tldr-pages.uz.zip
15c2925931ab0716941cba265117350e36982a53ffeec9a42bfd8eb33a3bc43c  tldr-pages.zh.zip
5f98d7589b09d3b3ed44b7904938487c513a3f1fdb94f9af8923369802f05a5f  tldr-pages.zh_TW.zip
de1a13d43c146a1f6ba7d6257cb887a8bfa7bcfa61fd6032cbbd7d01debe337c  tldr-pages.zip
d413d3fec2e7868651f112599ff92990e3c331fd01906d116d331c53ee7f18c5  tldr.zip
* Connection #1 to host objects.githubusercontent.com left intact

[acuteenvy]

Can you provide steps to reproduce the error? I don't know what's causing this.

[mj-crabtree]

Certainly. In all honesty it's as simple as installing via cargo and running with the --update flag.

Here's a screenshot of my cli showing the issue.

The issue also presents when I clone the repo and run the app using cargo, passing in the --update flag.

Here's another screenshot.

For the record I'm using linux, specifically Pop OS 22.04 LTS. I also did a little digging last night and I'm wondering if it's perhaps something to do with my system's CA. Other than importing development certs for mono and dotnet development (which I've since removed) I can't think of anything else I might have done to compromise this functionality.

Let me know if I can do anything else to help.

[acuteenvy]

it's perhaps something to do with my system's CA

Well it must have something to do with the certificates on your system, but I don't know what exactly it is. I just installed PopOS 22.04 on a virtual machine, and everything works for me. It's hard to detect where the issue comes from when I just can't reproduce it no matter what I do.

You also seem to have a slightly different issue from @karl19, because cargo works fine for you.

Are you absolutely sure you didn't touch your SSL certs?

[mj-crabtree]

Fixed it, kinda! I've set SSL_CERT_FILE equal to /etc/ssl/certs/ca-certificates.crt, after which I was able to update and use the app no problem.

Here it is working just fine.

Are you absolutely sure you didn't touch your SSL certs?

This OS install is years old at this point and so I can't say for certain that I haven't fumbled my SSL certs at some point. It's especially curious since I haven't noticed any SSL issues before now, and a fresh pop installation doesn't have that environment variable set (afaik).

Really appreciate you looking into the issue for me, and apologies if I took you on a bit of a wild goose chase.

[acuteenvy]

That's so weird, /etc/ssl/certs/ca-certificates.crt should automatically be found...

I finally reproduced this by removing SSL certificates from the system. So the problem is indeed that tlrc cannot find your certificates for some reason.

a fresh pop installation doesn't have that environment variable set

Yeah, it doesn't. I just checked.
Can you try sudo apt reinstall ca-certificates openssl? Maybe something is actually missing from these packages?

If it doesn't work without setting the env variable after that, I have absolutely no idea what's causing this, sorry.

[mj-crabtree]

Can you try sudo apt reinstall ca-certificates openssl? Maybe something is actually missing from these packages?

Just ran this command, commented out the env variable and we're back to square one. Very strange, going to spend some time on it this weekend. Again, really appreciate your help with all this and if you like I can keep you posted if/when I find the culprit.

[Prajwal-Prathiksh]

Hi, I'm facing the same issue on Win10 (Enterprise) edition, when trying to run on Powershell 7.4.4. I'm also in a similar situation of being stuck behind a corp firewall.

$ tldr rg
info: cache is empty, downloading...
info: downloading 'tldr.sha256sums'... FAILED
error: https://github.com/tldr-pages/tldr/releases/latest/download/tldr.sha256sums: Connection Failed: tls connection init failed: invalid peer certificate: UnknownIssuer

However, I'm able to fetch the file separately:

$ Invoke-WebRequest -Uri "https://github.com/tldr-pages/tldr/releases/latest/download/tldr.sha256sums" -OutFile "tldr.sha256sums"
# Works

I'm currently trying to debug the issue, but will appreciate any tips/suggestions in the meantime while working on it.

[acuteenvy]

All the work with certificates is done by rustls. It may be worth looking into issues in their repositories - if something isn't working, it's a problem with the certificate configuration on your system or with rustls itself.

rustls/rustls-native-certs#22 may be the issue here.

[acuteenvy]

I'm going to close this, because as I said, there is nothing I can do. If anyone is still facing this issue, most likely something is wrong with your certificate configuration. If you believe everything's fine, please report this upstream to the rustls devs.