Error while curling a https website using self signed certificate

Question

I am trying to curl a tool's rest api which is using self signed certificate. curl -D- -u user:pass -X GET -H "Content-Type: application/json" https://server:8006/api2/json/nodes It gives following error:

"curl: (60) SSL certificate problem: unable to get local issuer certificate"

When using insecure option, following output is received:

HTTP/1.1 401 No ticket Cache-Control: max-age=0 Connection: close Date: Mon, 22 Aug 2016 15:25:18 GMT Pragma: no-cache Server: pve-api-daemon/3.0 Expires: Mon, 22 Aug 2016 15:25:18 GMT

I tried generating server certificate using:

 echo "" | openssl s_client -connect server:8006 -prexit 2>/dev/null | sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p' > cacert.pem

However, when using this certificate using --cacert option it still gives "curl: (60) SSL certificate problem: unable to get local issuer certificate" error message.

Please let me know what am I missing?

Is server:8006/api2/json/nodes your own api? I'm not sure what you want to do here: just get the response from someone else's insecure api or do something to secure your own api :D — Ioana Marcu

Simone Carletti Simone Carletti · Accepted Answer · 2016-08-22T17:55:10

A self-signed certificate is untrusted by design, you can't get a self-signed certificate to be trusted.

If you want the certificate to be trusted, you need to purchase/request the certificate from a trusted Certificate Authority.

Error while curling a https website using self signed certificate

1 Answers