SSL verification error when running
https-based websites with the
SSL certificates that are either misconfigured, expired, or self-signed such as the following;
$ curl https://www.example.com/ curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.
This is because
curl will verify each
SSL connection to be secure before proceeding.
To overcome this, you can use
-k or the
-k, --insecure (TLS) By default, every SSL connection curl makes is verified to be secure. This option allows curl to proceed and operate even for server connections otherwise considered insecure. The server connection is verified by making sure the server's certificate contains the right name and verifies successfully using the cert store. See this online resource for further details: https://curl.haxx.se/docs/sslcerts.html See also --proxy-insecure and --cacert.
-k in place,
curl will skip the verification process and you'll be able to request the web page albeit insecurely.
$ curl -k https://www.example.com/ <html> <head> <meta HTTP-EQUIV="REFRESH" content="0; url=/newpage.php"> </head> </html>
Use the in-demand Linux skills you learn in this course to get promoted or start a new career as a Linux professional!
Written by Mohd Shakir Zakaria.
Last updated on 2019-02-12.