Use self signed certificate with cURL?

Question

I have a flask application running using a self signed certificate. I\'m able to send in a curl request using:

curl -v -k -H \"Content-Type: application/json         


        

Answer 1

This is just another version of this question: Using openssl to get the certificate from a server

Or put more bluntly:

Using curl --cert is wrong, it is for client certificates.

First, get the the certs your server is using:

$ echo quit | openssl s_client -showcerts -servername server -connect server:443 > cacert.pem

(-servername is necessary for SNI so that you get the right virtual server's certificate back)

Then make your curl command line use that set to verify the server in subsequent operations:

$ curl --cacert cacert.pem https://server/ [and the rest]