Curl is a command line tool and library which implements protocols like HTTP, HTTPS, FTP etc. Curl also supports HTTPS protocol which is secure version of the HTTP. Using curl may create some problems. We will examine how to solve these curl HTTPS related problems.
Install Curl
We will start with the installation of the curl
tool with the following command.
Ubuntu, Debian, Mint, Kali:
$ sudo apt install curl

Fedora, CentOS, RHEL:
$ sudo yum install curl
SSL/TLS Problems
Especial in self-signed or expired X.509 or SSL/TLS certificates may create problems. The error detail is printed to the terminal. As an example, we will try to access https://www.wikipedia.com and we will get an error like
curl: (51) SSL: no alternative certificate subject name matches target host name 'www.wikipedia.com'
AND we run following command.
$ curl https://www.wikipedia.com

Allow Insecure Connections
In order to prevent this error and accept an insecure certificate, we need to provide--insecure
This will accept all provided certificates without complaining about it.
$ curl --insecure https://www.wikipedia.com

Provide Site HTTPS Certificate Manually
If we do not want to use web site provided certificate and provide sites HTTPS certificate manually we can use -E
or --cert
option with the certificate file. In this example, we will use a certificate named inwk.cert
order to connect https://www.wikipedia.com.
$ curl -E wk.cert https://www.wikipedia.com
Provide a Certificate Authority Certificate Explicitly
In some cases, we may need to use another certificate chain then internet. Certificate chains provide a trust relationship between hierarchical certificates where the leaf is the site certificate we want to navigate. Certificate Authority is the top certificate which is provided by Certification Authority firms. We can provide another certificate authority like our company local certificate authority with the --cacert
option.
$ curl --cacert mycompany.cert https://www.mycompany.com
Great article Ismail!! Was very helpful to me but there is a typo in the ‘Allow insecure Connections’, you typed –slient 😛
Thank you again!
Hi Isra,
Thanks for your correction. I have fixed it.
Have a nice day.
Rarely do these type of tutorials exist! But i have a problem (half related/half not to this problem) and i would appreciate help! I’m trying to make a local website and implement a steam login page. Every time i try to click the login button, it shows me that it could not connect to host “steamcommunity.com”. I added that site in my /etc/hosts file and later on, it shows me that no openID server was found on steamcommunity.com/openid.
Later on, i switched the protocol to be HTTPS instead of http and now it shows “couldn’t connect to host” error. Can’t find the fix anywhere, but everyone relates this problem to cURL (7) and i’ve tried everything and still can’t manage to fix it.
But within this thread here, –insecure wikipedia works great (or any other site), but steamcommunity constantly shows curl: (7) couldn’t connect to host. I would seriously appreciate help!
Thanks your article
How check permission network in my server centos?