Curl is a command line tool and library which implements protocols like HTTP, HTTPS, FTP etc. Curl also supports HTTPS protocol which is secure version of the HTTP. Using curl may create some problems. We will examine how to solve these curl HTTPS related problems.
We will start with the installation of the
curl tool with the following command.
Ubuntu, Debian, Mint, Kali:
$ sudo apt install curl
Fedora, CentOS, RHEL:
$ sudo yum install curl
Especial in self signed or expired X.509 or SSL/TLS certificates may create problems. The error detail is printed to the terminal. As an example we will try to access https://www.wikipedia.com and we will get error like
curl: (51) SSL: no alternative certificate subject name matches target host name 'www.wikipedia.com'
AND we run following command.
$ curl https://www.wikipedia.com
Allow Insecure Connections
In order to prevent this error and accept insecure certificate we need to provide
--insecure . This will accept all provided certificates without complaining it.
$ curl --slient https://www.wikipedia.com
Provide Site HTTPS Certificate Manually
If we do not want to use web site provided certificate and provide sites HTTPS certificate manually we can use
--cert option with the certificate file. In this example we will use certificate named
wk.cert in order to connect https://www.wikipedia.com .
$ curl -E wk.cert https://www.wikipedia.com
Provide Certificate Authority Certificate Explicitly
In some cases we may need to use another certificate chain then internet. Certificate chains provide trust relationship between hierarchical certificates where leaf is the site certificate we want to navigate. Certificate Authority is the top certificate which is provided by Certification Auhtority firms. We can provide another certificate authority like our company local certificate authority with the
$ curl --cacert mycompany.cert https://www.mycompany.com