wget: Cannot connect to https website (TLS error) [closed]

Question

I am trying to use wget via Cygwin to fetch some content from a https website. Unfortunately when I try to connect I get the following error:

#wget https://www.mysite.com/mycontent
Connecting to XXXXXXXX... connected.
GnuTLS: A TLS fatal alert has been received.
Unable to establish SSL connection.

The certificate is a VeriSign Class 3 and is not expired. I have tried using options --no-check-certificate, --secure-protocol=SSLv2, --secure-protocol=SSLv3, etc which doesn't work but gives a slightly different error:

$ wget --secure-protocol=SSLv3 --no-check-certificate https://www.mysite.com/mycontent
Connecting to XXXXXX... connected.
GnuTLS: GnuTLS internal error.
Unable to establish SSL connection.

I also tried exporting the DER certificate from Internet Explorer on my PC and then passing that certificate to wget which also failed:

$ wget --certificate-type=DER --certificate=mysite.cer https://www.mysite.com/mycontent
Connecting to XXXXX... connected.
GnuTLS: A TLS fatal alert has been received.
Unable to establish SSL connection.

Is there something I'm missing? Can anyone point me in the direction of what I have to do to make this work?

Sorry but I had to redact the real server info for employer confidentiality reasons.

Here is my wget/cygwin configuration information:

$ wget --version
GNU Wget 1.13.4 built on cygwin.

+digest +https +ipv6 +iri +large-file +nls -ntlm +opie +ssl/gnutls

Wgetrc:
    /etc/wgetrc (system)
Locale: /usr/share/locale
Compile: gcc-4 -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc"
    -DLOCALEDIR="/usr/share/locale" -I.
    -I/usr/src/wget-1.13.4-1/src/wget-1.13.4/src -I../lib
    -I/usr/src/wget-1.13.4-1/src/wget-1.13.4/lib -g -O2 -pipe
Link: gcc-4 -g -O2 -pipe -liconv -lintl /usr/lib/libgnutls.dll.a
    /usr/lib/libtasn1.dll.a /usr/lib/libz.dll.a
    /usr/lib/libgcrypt.dll.a /usr/lib/libgpg-error.dll.a
    /usr/lib/libintl.dll.a -L/usr/lib/ncursesw /usr/lib/libiconv.dll.a
    -lgcrypt -lgpg-error -lz -lidn ftp-opie.o gnutls.o ../lib/libgnu.a

Answer 1

I've seen this happen when trying to wget something from an IIS box. There's an IIS bug that incorrectly processes SSL requests. Browsers ignore it, wget doesn't.

If I recall correctly (it's been years), there's a wget setting that tells it to ignore SSL cert errors... Maybe it's the --sslcheckcert option. Try using --sslcheckcert=0.