Why not pick one of the installer ISOs instead?
They have desktop, server or netinstall in their names.
https://www.devuan.org/get-devuan

Is anyone (still) getting those warnings from

wget --no-check-certificate https://www.devuan.org/get-devuan

The certificate was updated 2 weeks ago, and is valid some 8 or so weeks more. So there shouldn't be or have been any warnings.

No, nothing special or strange.

You post the link for the paste here, and then anyone can follow it  while it's valid.

Note that the certificate was Issued On Friday, October 21, 2022 at 10:55:06 AM and it Expires On Thursday, January 19, 2023 at 10:55:05 AM, so something strange is happening here.

Please do the following to download the certificate complained about

echo -n | openssl s_client -connect www.devuan.org:443 -servername www.devuan.org \
    | openssl x509 > /tmp/wwwdevuanorg.cert

and then upload that to pastebin.debian.org for us to review.

maybe you can teach your browser something by adding  .html to the end instead of /

which link?

It all happens in the partitioning step:

1. first you declare partitions for use in raid setup

2. then you set up the raid device linking it to its partitions

3. and then you partition that into the filesystem partitions you want

"installing the base system" at 6% is where packages are loaded and validated; nothing yet unpacked.
If it breaks there, then it's due to one of 3 things:
  1) that your media is "corrupted"/broken or
  2) that the target partition is too small or broken, or
  3) that the RAM (which holds the installer system itself) is too small.

libsemanage-common_3.1-1_all.deb is a mere 20K, and loaded after maybe at about 30Mb has been used on the partition.

Unless you make a mistake when partitioning, it would suggest that your media is corrupted.

The published ISO image does not come with that corruption (as evidenced by that it's the same image since start and more than a few people have used it successfully)
You need to verify your download of that image using the published SHA256SUM, and you may well need to verify the physical media it is placed on as well.

Ok;
.. so I choose language (english), location (US.. lying), locale (en_US.UTF-8), no additional; just "continue"
.. I skip past access software
.. I skip past speech synthesizer
.. I do configure keyboard (am english)
.. it skips selecting layout automatically
.. I let it detect media
.. I load the default components only (select nothing of the extras, then "continue")

are we same enough so far?

So you have difficulty with the chimaera netinstall iso? Do you want assistance?

@Head_on_a_Stick, when you get your systemd pants on you really get fanboi tedious; taking any odd behaviour from the systemd bug collective and cast it as an advantage over something else with sysvinit. Now you seem to want to claim that overriding a service definition is the same as disabling a service?

Yes, sysvinit does not have overriding, and I can see how you might use that to override the service definition in a way that ends up not starting the daemon. Obviously this would compete with any prior overriding, but presumably overriding is actually quite unusual to use for any other purpose? (Otherwise I'd expect someone would have revised the rc script to include it)

I suppose a sysvinit way to achieve a similar override could be to add a premature exit into the startup script. Doing so would likely have the effect (advantage?) that the package installation system would query about that change upon upgrade, and you would then again automatically reconsider whether or not that "override" remains appropriate.

Clearly neither systemd nor sysvinit have a way to block package installation from installing into the boot sequence. I think this is more a result of the Debian principle to deploy services when installing them.

In any case, I'd agree that apt-get purge apparmor is best here, and that it also seems to need a security=none setting (or similar) on the boot command line to make the kernel bypass apparmor kernel code.

A minimalistic approach might be to review the ArchWiki page on ppp, install pppconfig and configure.