Wednesday, October 21, 2015

Using curl with SSL cert chain

You can pass the --insecure option to curl to skip the SSL certificate checks:

curl --insecure -u user:passwd -X GET -H 'Content-Type: application/json' "https://somesecureserver.com/rest/field"


But what if you WANT to use SSL? The curl docs mention the --cacert option, but it's still a little unclear how to use it.

First you'll need to get the entire certificate path for the https server. You need the entire path because curl does not come with any CA cert info. The --cacert option also requires the certs in PEM format. Lastly, the entire certificate chain should be in one file, since the --cacert option accepts only one file.

1. Get all the certs from a browser

Click on the lock or green portion of the address bar.

Click on the Connection tab and then "Certificate Information".
Click on the Details tab. Here you can copy the certificate to a file.
Select the "DER encoded binary X.509 (.CER)" option.

Do this for all the entries that show up in the Certificate Path tab (there will be around 3).


2. Convert the .cer files to PEM format with openssl:

openssl x509 -inform DER -in file1.cer -out file1.pem -text
openssl x509 -inform DER -in file2.cer -out file2.pem -text
openssl x509 -inform DER -in file3.cer -out file3.pem -text

3. Now append all these pem files into one repo

cat *.pem > certRepo

Now you can use the certRepo to connect via SSL

curl --cacert certRepo -u user:passwd -X GET -H 'Content-Type: application/json' "https://somesecureserver.com/rest/field"
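
Steps 2 and 3 as a script, with an offline check that the bundle really verifies the server certificate before you hand it to curl. This is an added example, not part of the original post: the function names are made up for illustration, the certificates are throwaway ones generated on the spot to stand in for the browser export, and openssl is assumed to be on the PATH.

```shell
#!/bin/sh
# Added example; every certificate below is constructed test material.

# Stand-in for step 1: a throwaway root CA and a server certificate it signs,
# saved as DER .cer files the way the browser export would produce them.
make_sample_certs() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed Root CA" \
        -keyout "$d/root.key" -out "$d/root.orig.pem" 2>/dev/null || return 1
    openssl req -newkey rsa:2048 -nodes -subj "/CN=somesecureserver.com" \
        -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/leaf.csr" -days 1 -set_serial 2 -CA "$d/root.orig.pem" \
        -CAkey "$d/root.key" -out "$d/leaf.orig.pem" 2>/dev/null || return 1
    openssl x509 -in "$d/root.orig.pem" -outform DER -out "$d/root.cer" || return 1
    openssl x509 -in "$d/leaf.orig.pem" -outform DER -out "$d/leaf.cer"
}

# Steps 2 and 3: convert each DER .cer to PEM and append it to one bundle.
# Stops at the first file openssl cannot parse as a DER certificate.
build_bundle() {
    d=$1; bundle=$2
    : > "$bundle"
    for cer in "$d"/*.cer; do
        openssl x509 -inform DER -in "$cer" -outform PEM >> "$bundle" 2>/dev/null || return 1
    done
}

# How many certificates ended up in the bundle.
count_certs() { grep -c 'BEGIN CERTIFICATE' "$1"; }

# Offline check that a PEM certificate chains to a CA in the bundle.
# -no-CAfile/-no-CApath keep OpenSSL's default CA file and directory out of it.
verify_against_bundle() {
    openssl verify -no-CApath -no-CAfile -CAfile "$1" "$2" >/dev/null 2>&1
}

work=$(mktemp -d)
make_sample_certs "$work" && build_bundle "$work" "$work/certRepo" &&
    verify_against_bundle "$work/certRepo" "$work/leaf.orig.pem" &&
    echo "certRepo holds $(count_certs "$work/certRepo") certificates and verifies the server cert"
# Then, as in the post: curl --cacert "$work/certRepo" ... "https://somesecureserver.com/rest/field"
```

If build_bundle fails, one of the exported files is not a DER certificate (for example it was saved as Base-64 instead), and the bundle should not be used.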