Wget by default performs validity check of SSL certificates for https websites to ensure the certificate is valid. There are times, though, that you'll want Wget to ignore SSL certificate check when accessing websites with expired SSL certificate or those with self-signed certificates such as for development purposes or if you really trust the websites.

$ wget https://onlineweb.tools --2021-03-29 11:09:07--  https://onlineweb.tools/ Resolving onlineweb.tools (onlineweb.tools)... 127.0.0.1 Connecting to onlineweb.tools (onlineweb.tools)|127.0.0.1|:443... connected.  ERROR: cannot verify onlineweb.tools's certificate, issued by ‘CN=mkcert name@hostname (Your Name),OU=name@hostname (Your Name),O=mkcert development CA’:   Unable to locally verify the issuer's authority.  ERROR: certificate common name ‘*.simplified.guide’ doesn't match requested host name ‘onlineweb.tools’.  To connect to onlineweb.tools insecurely, use `--no-check-certificate'.

You can turn off check-certificate option in Wget to skip certificate check thus ignoring SSL errors. This is equivalent to using insecure option for cURL.

Steps to skip certificate check in wget:

  1. Test downloading https page using wget.

    $ wget https://onlineweb.tools --2021-03-29 11:31:11--  https://onlineweb.tools/ Resolving onlineweb.tools (onlineweb.tools)... 127.0.0.1 Connecting to onlineweb.tools (onlineweb.tools)|127.0.0.1|:443... connected. ERROR: cannot verify onlineweb.tools's certificate, issued by ‘CN=mkcert name@hostname (Your Name),OU=name@hostname (Your Name),O=mkcert development CA’:   Unable to locally verify the issuer's authority. To connect to onlineweb.tools insecurely, use `--no-check-certificate'.

  2. Use –no-check-certificate option to ignore certificate error for SSL.

    $ wget --no-check-certificate https://onlineweb.tools --2021-03-29 11:32:21--  https://onlineweb.tools/ Resolving onlineweb.tools (onlineweb.tools)... 127.0.0.1 Connecting to onlineweb.tools (onlineweb.tools)|127.0.0.1|:443... connected. WARNING: cannot verify onlineweb.tools's certificate, issued by ‘CN=mkcert name@hostname (Your Name),OU=name@hostname (Your Name),O=mkcert development CA’:   Unable to locally verify the issuer's authority. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: ‘index.html’  index.html                [ <=>                     ]  31.01K  --.-KB/s    in 0s  2021-03-29 11:32:21 (100 MB/s) - ‘index.html’ saved [31755]

    The same message is still displayed but as WARNING instead of ERROR and the command was a success.

    --no-check-certificate     Don't check the server certificate against the available certificate authorities.  Also don't require the URL host name to match the common name presented by the certificate.      As of Wget 1.10, the default is to verify the server's certificate against the recognized certificate authorities, breaking the SSL handshake and aborting the download if the verification     fails.  Although this provides more secure downloads, it does break interoperability with some sites that worked with previous Wget versions, particularly those using self-signed, expired, or     otherwise invalid certificates.  This option forces an "insecure" mode of operation that turns the certificate verification errors into warnings and allows you to proceed.      If you encounter "certificate verification" errors or ones saying that "common name doesn't match requested host name", you can use this option to bypass the verification and proceed with the     download.  Only use this option if you are otherwise convinced of the site's authenticity, or if you really don't care about the validity of its certificate.  It is almost always a bad idea     not to check the certificates when transmitting confidential or important data.

  3. Add option to skip certificate check into config file.

    $ echo "check-certificate = off" >> ~/.wgetrc

    Only use this method in development setting or wherever security is not critical.

  4. Test against https page with error again without using –no-check-certificate.

    $ wget https://onlineweb.tools --2021-03-29 11:42:29--  https://onlineweb.tools/ Resolving onlineweb.tools (onlineweb.tools)... 127.0.0.1 Connecting to onlineweb.tools (onlineweb.tools)|127.0.0.1|:443... connected. WARNING: cannot verify onlineweb.tools's certificate, issued by ‘CN=mkcert name@hostname (Your Name),OU=name@hostname (Your Name),O=mkcert development CA’:   Unable to locally verify the issuer's authority. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: ‘index.html.1’  index.html              [ <=>                     ]  31.01K  --.-KB/s    in 0s  2021-03-29 11:42:29 (115 MB/s) - ‘index.html’ saved [31755]