This is to give you some idea how hard it will be to
bootstrap. Apparently Firefox has its own certificate store.
But (of course), a modern Firefox, like a Firefox 91 won't
run on Windows XP.
I picked this post, the one at the end right now, to
show there are "hand tools" that are not browsers.
https://borncity.com/win/2021/09/30/sept-30-2021-will-we-see-trouble-with-old-lets-encrypt-certificates/
"Ubuntu 16.04 doesnt recognizes at all.
Tried to update the /etc/ssl/certs/ca-certificates.crt but no effect.
The only thing that made it work was to update openssl package and
then update curl pointing to the new openssl (all done by compiling method)
to get the curl to work.
wget still not working as its as pre-compiled with old openssl…
Still wondering if it has something to do with this topic or just a coincidence."
What we'd need then, is a curl which is updated today, and
available on an http (not https) site.
https://curl.se/download.html # Yeah, I know, https
curl version: 7.79.1
Build: 7.79.1
Date: 2021-09-22 # Not today...
https://curl.se/windows/dl-7.79.1/curl-7.79.1-win32-mingw.zip <=== advertised as...
http://curl.se/windows/dl-7.79.1/curl-7.79.1-win32-mingw.zip <=== seems to work...
WGET would be the better tool, because the description reads as this,
but as far as I know, it doesn't have internal certificates.
"wget is a fantastic tool for downloading content and files. It can download files,
web pages, and directories. It contains intelligent routines to traverse links in
web pages and recursively download content across an entire website. It is
unsurpassed as a command-line download manager."
Now CURL is supposed to have certificates, as part of pulling stuff
into its library.
"curl satisfies an altogether different need. Yes, it can retrieve files, but it
cannot recursively navigate a website looking for content to retrieve."
This usage of CURL is silly. Don't do this. The problem would be,
with binary or ISOs or the like. You want something that won't screw up,
if doing big downloads.
cd /d C:\Downloads\CurlDir # Point at the dir with the EXE in it
curl
https://www.bbc.com > bbc.html
Whereas this one, puts content into a file. The log should still
be dumped into Command Prompt.
curl -o bbc.html
https://www.bbc.com
My WinXP computer broke two days ago (would freeze in memtest).
All the hardware is pulled from the computer case, the case is
just sitting near my shoulder, EMPTY!!! No hardwares. Can't test
diddly now. I'm running off Win7 at the moment, haven't moved
my email over, the usual mess.
Now, we need any emergency OS with Firefox in it, on the
assumption it has certificates. I picked the Lite version,
for lower RAM consumption.
https://mirror.clarkson.edu/zorinos/isos/15/Zorin-OS-15.3-Lite-32-bit.iso
curl -o zorin153x86.iso
https://mirror.clarkson.edu/zorinos/isos/15/Zorin-OS-15.3-Lite-32-bit.iso
That's around 2GB, so should work in FAT32 for storage, and you
can burn a DVD of that for boot purposes.
I tested in a VM, and that will boot on 512MB, but you can't
start Firefox unless the computer has about 1GB of RAM for "comfort".
Running a LiveDVD, RAM is used for scratch file space, which is
why these things jam up so easily.
I can put that on a USB stick. I used
rufus.ie to do a USB stick,
and it offered me a 26GB casper-rw persistent partition. This is
on a 32GB USB stick. This is an EXT partition and not just a loopback
mount as might be more normal (lots of persistent sticks have
just 4GB of storage on a bitmap file sitting on a FAT32 partition,
which is why they have the 4GB limit). This happens to be a Ubuntu at
the moment, and I can see a file stamping the stick as being
made by Rufus.
--- /dev/sde
Block device, size 29.22 GiB (31376707072 bytes)
DOS/MBR partition map
Partition 1: 3.221 GiB (3458359296 bytes, 6754608 sectors from 2048, bootable)
Type 0x0C (Win95 FAT32 (LBA))
SYSLINUX boot loader
FAT32 file system (hints score 4 of 5)
Volume size 3.217 GiB (3454156800 bytes, 210825 clusters of 16 KiB)
Partition 2: 26.00 GiB (27917277696 bytes, 54525933 sectors from 6756656)
Type 0x83 (Linux)
Ext3 file system
Volume name "casper-rw"
UUID 69FD8B2A-C16A-8B42-9C60-6DDC9C4FE0E9 (DCE, v8)
Last mounted at "/"
Volume size 26.00 GiB (27917275136 bytes, 6815741 blocks of 4 KiB)
The USB would be useful, if you've done these before, and your
machine has a USB boot capability. Otherwise, it's a DVD thing.
A DVD won't work on my first PC (1.1GHz Tualatin), and there
I need a CD instead (the BIOS does not grok DVD type as a hardware).
This might not work due to github web code. But if it does, you can
play with using a USB stick instead of a DVD blank.
curl.exe -o rufus315.exe
https://github.com/pbatard/rufus/releases/download/v3.15/rufus-3.15p.exe
Once you're booted into Zorin Live Lite, you can follow Shadows suggestions
and look at various web sites for certificate downloads.
I don't know how far you'll get, but that's an idea of
how I'd try to escape the Houdini box you're in.
Paul