[08:07] <PaulGit> I have created a new VPS at a provider with 18.04 and for some reason commands like WGET are not find the path to the CA to validate SSL certs.  Anybody who can help point me in the right direction?
[08:27] <blackroot> PaulGit: use fetch
[08:27] <andol> PaulGit: Do you have the ca-certificates package installed?
[08:27] <PaulGit> I do have the ca-certificates installed
[08:28] <PaulGit> If I pass the CA cert path to OpenSSL it is happy, if not it fails
[08:30] <PaulGit> Is there a path setting somewhere>
[08:33] <blackroot> were this package installed by default? have you tried to purge it then re-install to see if that helps?
[08:33] <blackflow> sounds like perhaps the provider is not installing a regular Ubuntu but something modified.
[08:56] <PaulGit> Yes, it was installed by default, I will try the purge and reinstall.
[08:57] <PaulGit> If that fails I will contact the provider (CloudSigma) they have excellent support
[09:03] <PaulGit> Purge didn't work. :(
[09:06] <blackflow> PaulGit: does just one specific URL fail, or any https URL does?
[09:06] <PaulGit> @blackflow I have only tried two.  GitHub and one of my own servers.  Both fail.
[10:42] <RoyK> PaulGit: nothing like a Mitm-attack in the morning
[11:15] <PaulGit> RoyK: indeed, as I live in China that’s a distinct possibility!
[11:26] <RoyK> PaulGit: that might explain it…
[11:27] <RoyK> PaulGit: do you have ssh access to servers outside of china?
[11:54] <PaulGit> RoyK: the server is actually in Switzerland. SSH works fine to servers outside China but the GFW rate limits it so it’s no good as a proxy
[12:27] <RoyK> PaulGit: perhaps it helps if someone could open ssh on port 443 or something? ;)
[13:23] <gislaved> is it sane to import your certs into /etc/ssl/certs ?
[13:28] <PaulGit> RoyK: sadly not, they use  DPI . The best means at then moment of ‘jumping’ the GFW undetected is to use ShadowSocks or ShadowSocksR (the latter has obfuscation). When I first moved here 7 years ago SSH worked great, sadly it’s a cat and mouse game!
[14:08] <PaulGit> Finally got to the bottom of my SSL issue. There are not symlinks in /usr/lib/ssl for some reason.
[16:45] <kantlivelong> anyone here using samba on a windows domain? i cant seem to get ntlm auth to work
[16:46] <kantlivelong> kerberos works fine tho