Skip to Content

4 ways to fix Unable to locally verify the issuer’s authority in wget command

The error “Unable to locally verify the issuer’s authority” means wget cannot verify the SSL certificate of the website you’re trying to connect to.

This usually happens when wget doesn’t have access to the necessary CA certificates to verify the website’s certificate.

Here are a few possible ways to resolve the issue:

  • Install/Update the CA Certificates
    The error may occur because your system lacks the necessary CA certificates to validate the SSL certificate of the server you’re connecting to.
    On most Linux systems, you can update the CA certificates package as follows:
    • On Debian-based systems (like Ubuntu), use the following commands:
      sudo apt-get update
      sudo apt-get install ca-certificates
    • On Red Hat-based systems (like CentOS), use the following commands:
      sudo yum update
      sudo yum install ca-certificates
  • Manually Specify the CA Certificate
    If you have a specific CA certificate that you want wget to trust, you can specify it with the –ca-certificate option. Replace /path/to/certfile with the path to your CA certificate:
    wget --ca-certificate=/path/to/certfile
  • Disable SSL Certificate Verification
    You can tell wget to not verify the SSL certificate. However, be aware that this introduces a security risk, as it makes you susceptible to man-in-the-middle attacks.
    wget --no-check-certificate
  • Manually Add the CA Certificate
    If the server’s certificate was signed by a CA that isn’t included in your system’s CA bundle, you’ll need to add that CA’s certificate manually. You can do this by:
    • Obtaining the CA certificate in PEM format.
    • Adding it to your system’s CA bundle directory (which is often /etc/ssl/certs or /etc/pki/tls/certs, but may vary depending on your system).
    • Updating your system’s CA bundle. On some systems, this is done automatically. On others, you may need to use a command like update-ca-certificates or update-ca-trust.


Note: Disabling SSL certificate verification should only be done as a last resort and only for trusted networks. It is not recommended for production environments.

In all cases, if the error persists after trying these solutions, it might be worth checking if there’s an issue with the website’s SSL certificate itself.

FAQ Wget

Here are some frequently asked questions (FAQ) related to wget, a popular command-line utility for downloading files from the internet:

  1. What is wget? wget is a command-line tool used for retrieving files from the web using HTTP, HTTPS, FTP, and FTPS protocols. It is available on various operating systems and is often used in shell scripts and automation tasks to download files.
  2. How do I use wget to download a file? To download a file using wget, simply use the following command:
    wget [URL]

    Replace [URL] with the actual URL of the file you want to download.

  3. How can I specify the output filename when using wget? By default, wget saves the downloaded file with the original filename. To specify a different output filename, use the O or -output-document option:
    wget -O output_file.txt [URL]
  4. How do I resume a partially downloaded file with wget? To resume a partially downloaded file, use the c or -continue option:
    wget -c [URL]
  5. Can I limit the download speed with wget? Yes, you can limit the download speed using the -limit-rate option. For example, to limit the download speed to 1MB/s, use:
    wget --limit-rate=1M [URL]
  6. How can I recursively download files from a website with wget? To download files recursively from a website, use the r or -recursive option. For example:
    wget -r [URL]
  7. How do I specify a user-agent with wget? You can set a custom user-agent using the -user-agent option. For example:
    wget --user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" [URL]
  8. Can I download multiple files at once with wget? Yes, you can provide multiple URLs separated by spaces, and wget will download all of them:
    wget [URL1] [URL2] [URL3]
  9. How do I specify a username and password for HTTP authentication with wget? Use the -user and -password options to specify the username and password for HTTP authentication:
    wget --user=username --password=password [URL]
  10. Is wget capable of handling proxies? Yes, wget can work with HTTP, HTTPS, and FTP proxies:
    $ export http_proxy=http://[Proxy_Server]:[port]
    $ export https_proxy=$http_proxy
    $ export ftp_proxy=$http_proxy


These are some common questions and commands related to wget. The utility provides many more options and features, making it a versatile tool for downloading files from the web. You can explore additional options and capabilities by referring to the wget manual (man wget) or visiting the wget documentation online.