curl: (60) SSL certificate problem: unable to get local issuer certificate
root@sclrdev:/home/sclr/certs/FreshCerts# curl --ftp-ssl --verbose ftp://{abc}/ -u trup:trup --cacert /etc/ssl/certs/ca-certificates.crt
* About to connect() to {abc
-
This is ssh certificate store issue. You need to download the valid certificate pem file from target CA website, and then build the soft link file to instruct ssl the trusted certifacate.
openssl x509 -hash -noout -in DigiCert_Global_Root_G3.pemyou will get
dd8e9d41build solf link with hash number and suffix the file with a .0 (dot-zero)
dd8e9d41.0Then try again.
讨论(0) -
On windows I was having this problem. Curl was installed by mysysgit, so downloading and installing the newest version fixed my issue.
Otherwise these are decent instructions on how to update your CA cert that you could try.
讨论(0) -
It might be sufficient to just update the list of certificates
sudo update-ca-certificates -fupdate-ca-certificates is a program that updates the directory /etc/ssl/certs to hold SSL certificates and generates ca-certificates.crt, a concatenated single-file list of certificates.
讨论(0) -
Simple solution: IN
~/.sdkman/etc/config, changesdkman_insecure_ssl=trueSteps:
nano~/.sdkman/etc/config
changesdkman_insecure_ssl=falsetosdkman_insecure_ssl=true
save and exit讨论(0) -
Try reinstalling curl in Ubuntu, and updating my CA certs with
sudo update-ca-certificates --freshwhich updated the certs讨论(0) -
Had that problem and it was not solved with newer version. /etc/certs had the root cert, the browser said everything is fine. After some testing I got from ssllabs.com the warning, that my chain was not complete (Indeed it was the chain for the old certificate and not the new one). After correcting the cert chain everything was fine, even with curl.
讨论(0)
加载中...
- 热议问题