Curl is a command line tool and library which implements protocols like HTTP, HTTPS, FTP etc. Curl also supports HTTPS protocol which is secure version of the HTTP. Using curl may create some problems. We will examine how to solve these curl HTTPS related problems.

Install Curl

We will start with the installation of the curl tool with the following command.

Ubuntu, Debian, Mint, Kali:

$ sudo apt install curl

Fedora, CentOS, RHEL:

$ sudo yum install curl

SSL/TLS Problems

Especial in self-signed or expired X.509 or SSL/TLS certificates may create problems. The error detail is printed to the terminal. As an example, we will try to access https://www.wikipedia.com and we will get an error like

curl: (51) SSL: no alternative certificate subject name matches target host name 'www.wikipedia.com'

AND we run following command.

$ curl https://www.wikipedia.com

Allow Insecure Connections

In order to prevent this error and accept an insecure certificate, we need to provide--insecure This will accept all provided certificates without complaining about it.

$ curl --insecure https://www.wikipedia.com

Provide Site HTTPS Certificate Manually

If we do not want to use web site provided certificate and provide sites HTTPS certificate manually we can use -E or --cert option with the certificate file. In this example, we will use a certificate named inwk.cert order to connect https://www.wikipedia.com.

$ curl -E wk.cert  https://www.wikipedia.com

Provide a Certificate Authority Certificate Explicitly

In some cases, we may need to use another certificate chain then internet. Certificate chains provide a trust relationship between hierarchical certificates where the leaf is the site certificate we want to navigate. Certificate Authority is the top certificate which is provided by Certification Authority firms. We can provide another certificate authority like our company local certificate authority with the --cacert option.

$ curl --cacert mycompany.cert  https://www.mycompany.com