I'm trying to build a Docker image, based on ubuntu:20.04, with R and bookdown with PDF support. But I'm getting ERROR: cannot verify yihui.org's certificate [...] with tinytex::install_tinytex():
> tinytex::install_tinytex()
trying URL 'https://yihui.org/tinytex/TinyTeX-1.tar.gz'
trying URL 'https://yihui.org/tinytex/TinyTeX-1.tar.gz'
--2020-11-23 09:19:05-- https://yihui.org/tinytex/TinyTeX-1.tar.gz
Resolving yihui.org (yihui.org)... 167.99.129.42, 134.209.226.211
Connecting to yihui.org (yihui.org)|167.99.129.42|:443... connected.
ERROR: cannot verify yihui.org's certificate, issued by 'CN=SSL-SG1-GROBU,OU=Operations,O=Cloud Services,C=US':
Unable to locally verify the issuer's authority.
To connect to yihui.org insecurely, use `--no-check-certificate'.
Error in download.file(url, output, ..., method = method) :
'wget' call had nonzero exit status
Calls: <Anonymous> ... download_file -> <Anonymous> -> download -> download.file
In addition: Warning messages:
1: In download.file(url, output, ..., method = method) :
URL 'https://yihui.org/tinytex/TinyTeX-1.tar.gz': status was 'SSL peer certificate or SSH remote key was not OK'
2: In download.file(url, output, ..., method = method) :
URL 'https://yihui.org/tinytex/TinyTeX-1.tar.gz': status was 'SSL peer certificate or SSH remote key was not OK'
You may have to restart your system after installing TinyTeX to make sure ~/bin appears in your PATH variable (https://github.com/yihui/tinytex/issues/16).
Execution halted
I need to find a way to verify and trust the certificate chain from yihui.org, as I'm not allowed to bypass the verification with --no-check-certificate.
Thanks in advance for any hint! Mihai
The default docker image has no certificates installed, therefore there are also no root certificates. That is what is indicated by the error message
Unable to locally verify the issuer's authority. You can obtain the root certificates from the packageca-certificates(install it viaapt-get).