I'm trying to install rust on centos 7.8 using:
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
For some reason I fail to see, installation is failing with the following output:
info: profile set to 'default'
info: default host triple is x86_64-unknown-linux-gnu
info: syncing channel updates for 'stable-x86_64-unknown-linux-gnu'
error: could not download file from 'https://static.rust-lang.org/dist/channel-rust-stable.toml.sha256' to '/root/.rustup/tmp/3w0dy8jkkq2jo671_file'
error: caused by: failed to make network request
error: caused by: https://static.rust-lang.org/dist/channel-rust-stable.toml.sha256: error trying to connect: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1915: (certificate has expired)
error: caused by: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1915: (certificate has expired)
I can successfully download such sha256 file and don't have any issues with certificates.
This machine is behind a zscaler "man in the middle" proxy, but I've already imported the certs and CA-certs and I can use curl without ignoring certificates, and everything seems ok.
I took a tcpdump trace and I can see the client (rustup) complaining about certificates having expired, but none of the certificates I see on the trace have expired.
Some have an expiry date a week from now, others years from now, but all of them seem to be OK in terms of "not valid before" and "valid until" dates.
Date on the system is OK too.
Does anybody have any suggestion on how to troubleshoot this further?