Curl with custom certificate


Solution 1

CA in cacert means certification authority. You should specify the cert or cert path of the authority that signed your certificate, not your certificate itself.

The command

openssl x509 -in YourSitePemCert -text

should list an issuer line. You should get the issuer certificate and include it in the cacert pem file.

(In your case, searching for the GoDaddy cert chain leads to https://certs.godaddy.com/repository)
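
The issuer-versus-own-certificate point above, shown offline as an added example (not part of the original answer): a throwaway CA and a site certificate are generated with openssl, and `openssl verify -CAfile` stands in for the check curl performs with `--cacert`. The names `Demo Issuing CA` and `mysite.example` and the helper functions are constructed for illustration.

```shell
#!/bin/sh
# Constructed demo PKI: a throwaway CA and a site certificate signed by it.
# All names (Demo Issuing CA, mysite.example) are made up for illustration.

make_demo_pki() {  # $1 = directory to write keys and certificates into
    dir=$1
    # Self-signed CA certificate; stands in for the real issuer
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Demo Issuing CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null
    # Site key and signing request, then the site certificate issued by the CA
    openssl req -newkey rsa:2048 -nodes -subj "/CN=mysite.example" \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null
    openssl x509 -req -in "$dir/leaf.csr" -days 1 \
        -CA "$dir/ca.pem" -CAkey "$dir/ca.key" -CAcreateserial \
        -out "$dir/leaf.pem" 2>/dev/null
}

issuer_of()  { openssl x509 -in "$1" -noout -issuer  | sed 's/^issuer= *//'; }
subject_of() { openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//'; }

# Succeeds only if the certificate in $2 chains to a trust anchor in file $1.
# The file in $1 plays the role of the file passed to curl --cacert.
anchors_cert() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

demo_dir=$(mktemp -d)
make_demo_pki "$demo_dir"
echo "site cert subject: $(subject_of "$demo_dir/leaf.pem")"
echo "site cert issuer:  $(issuer_of "$demo_dir/leaf.pem")"
for candidate in leaf.pem ca.pem; do
    if anchors_cert "$demo_dir/$candidate" "$demo_dir/leaf.pem"; then
        echo "CA file $candidate: verification OK"
    else
        echo "CA file $candidate: verification failed"
    fi
done
```

The site certificate's issuer differs from its subject, so the file holding only that certificate does not verify it, while the file holding the issuer's certificate does.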

Solution 2

According to the documentation:

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option.

If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

For GoDaddy you must use the SSL Certificate and CA Bundle (gd_bundle.crt). You can download it from https://certs.godaddy.com/repository/gd_bundle.crt

E.g.

curl https://mysite.com --cacert gd_bundle.crt
Author by

ProfHase85

Updated on September 18, 2022

Comments

  • ProfHase85
    ProfHase85 over 1 year

    I'd like curl to work with sites signed by GoDaddy: If I call

    curl mypage.com/bla
    

    I am getting a certificate verification error. I tried getting the ca certificate with this snippet:

    echo | openssl s_client -connect mysite.com:443 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem
    

    and afterwards calling

    curl mypage.com/bla --cacert cert.pem
    

    which also caused a verification error. I checked the certificate date and subject and everything seems fine?

    What am I missing? Do I maybe need the whole chain? If yes, is there a command to get it all?