wget with https on ESXI 6.7 U3

  • Thread starter Thread starter panks21
  • Start date Start date
  • Replies Replies 16
  • Views Views 8,415
P

panks21

Messages
250
Location
Delhi
ISP
Airtel Static IP
ACT Broadband
Didnt find a place for ESXI, hence asking here . @Mods Please feel free to move it around

Sorry for the basic question.. I am noob in ESXI

I updated the ESXI to 6.7 U3 and tried to do wget on the host directly. For some reason it doesn't work even if the httpClient is set to true. How to get this working?
Code: 
[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images] esxcli network firewall ruleset list | grep -E '^Name|^---|http'
Name                    Enabled
----------------------  -------
httpClient                 true

[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images] wget "https://releases.ubuntu.com/20.04.3/ubuntu-20.04.3-live-server-amd
64.iso"
Connecting to releases.ubuntu.com (91.189.91.124:443)
wget: error getting response: Invalid argument

[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images] wget "https://cdimage.kali.org/kali-2021.2/kali-linux-2021.2-installer-n
etinst-amd64.iso"
Connecting to cdimage.kali.org (192.99.200.113:443)
wget: error getting response
 
I'm not recently familiar with esx but are you able to do basic operations like ping?

Ensure your esxi has a valid ip address and maybe you need to configure enable DHCP client first.

Reason I suggest this is because I see root@localhost instead of a hostname...
 
Yes I just searched Google and seems esxi 6.7 wget doesn't support ssl but esxi 7 has it...
 
I also thought that the https is not supported.. but the Answer in the URL below says he has it working in U2 on 6.7

serverfault.com

VMware ESXi: help downloading large ISO

I'd like to download a large OS install ISO directly to my datastore. I used to be able to SSH to the ESXi terminal and use wget to download large files directly to the datastore, but it seems tha...
serverfault.com serverfault.com
 
Did you try downloading anything from http source? Also i can see the host name is resolved to an ip. So this is a wget issue.
Try using curl if you have it. In the above link they may have a particular patch installed to resolve the issue.
 

I am running update 3. That post is running update 2.
curl is not present on the host. The host has internet access. Please suggest some http source to test a download

Code: 
[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images] curl www.google.com
-sh: curl: not found

[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images] ping www.hotstar.com
PING www.hotstar.com (23.52.42.152): 56 data bytes
64 bytes from 23.52.42.152: icmp_seq=0 ttl=49 time=10.646 ms
64 bytes from 23.52.42.152: icmp_seq=1 ttl=49 time=9.929 ms
64 bytes from 23.52.42.152: icmp_seq=2 ttl=49 time=11.030 ms

--- www.hotstar.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 9.929/10.535/11.030 ms

[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images]
 
vishalrao said:
I'm not recently familiar with esx but are you able to do basic operations like ping?

Ensure your esxi has a valid ip address and maybe you need to configure enable DHCP client first.

Reason I suggest this is because I see root@localhost instead of a hostname...
Click to expand...
the host has internet access. Please see above post.
@vishalrao
 
http download works..

Code: 
[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images] wget -O /dev/null http://speedtest.tele2.net/10GB.zip
Connecting to speedtest.tele2.net (90.130.70.73:80)
saving to '/dev/null'
null                   0% |                                                                                                      |  9.8M  2:01:37 ETA
[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images]
 
Try wget options to use lower ssl versions? Like avoid tls etc...

Maybe server is negotiating higher ssl or tls version which esxi wget doesn't support
 
Your best bet is to download from a http source. Forcing lower version will not work since supporting lower version is a vulnerability for a publicly hosted servers.

Alternate is to try any other download utility available on esxi.
 
vishalrao said:
Maybe server is negotiating higher ssl or tls version which esxi wget doesn't support
Click to expand...

It uses busybox. what option would work out of the below??

Code: 
[root@localhost:~] wget --help
BusyBox v1.29.3 (2021-01-17 01:25:00 PST) multi-call binary.

Usage: wget [-c|--continue] [--spider] [-q|--quiet] [-O|--output-document FILE]
    [-o|--output-file FILE] [--header 'header: value'] [-Y|--proxy on/off]
    [--no-check-certificate]
    [-P DIR] [-S|--server-response] [-U|--user-agent AGENT] URL...

Retrieve files via HTTP or FTP

    --spider    Only check URL existence: $? is 0 if exists
    --no-check-certificate    Don't validate the server's certificate
    -c        Continue retrieval of aborted transfer
    -q        Quiet
    -P DIR        Save to DIR (default .)
    -S            Show server response
    -O FILE        Save to FILE ('-' for stdout)
    -o FILE        Log messages to FILE
    -U STR        Use STR for User-Agent header
    -Y on/off    Use proxy
[root@localhost:~]
 
Got a response on reddit... ESXI doesn't like certificate
Thanks for all the suggestions

Code: 
[root@localhost:/vmfs/volumes/613f8040-7d767b5c-98a1-90e2ba68ddb0/iso_images] wget "https://cdimage.kali.org/kali-2021.2/kali-linux-2021.2-installer-amd64.iso" --no-check-certificate
Connecting to cdimage.kali.org (192.99.200.113:443)
Connecting to kali.download (104.18.103.100:443)
saving to 'kali-linux-2021.2-installer-amd64.iso'
kali-linux-2021.2-in   3% |******                                                                                                                                                                                                        |  136M  0:14:24 ETA
 
Try the no check certificate option?
 

Top