Curl command for https ( SSL )

if you’re using a self signed certificate on the server, you can use:

curl -k https://example.com:8443/cli/agentCLI -u username:password

but be aware that then it’s no better than using non SSL connection to the server, as your communication won’t be secure anymore, enabling all sorts of man in the middle attacks.

Though my advice to you is to download the .pem from the server:

using:

echo "HEAD / HTTP/1.0\n Host: example.com\n\n EOT\n" | openssl s_client -prexit -connect example.com:8443 > cert.pem

to your computer, keep only the part between BEGIN CERTIFICATE and END CERTIFICATE within the file (including the BEGIN/END lines) and give it as parameter to the --cacert option, you might also download it. Then you’ll get to authenticate your server each time you connect!

curl --cacert cert.pem https://example.com:8443/cli/agentCLI -u username:password

Testing on my own self-signed server, it’s working fine:

% openssl s_client -showcerts -connect example.com:443 </dev/null 2>/dev/null | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' | grep -m1 -B-1 -- '-----END CERTIFICATE-----'  > cert.pem
% curl --cacert cert.pem https://example.com

for an example that should be working:

% openssl s_client -showcerts -connect git.cryptolib.org:443 </dev/null 2>/dev/null | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' | grep -m1 -B-1 -- '-----END CERTIFICATE-----'  > cert.pem
% curl --cacert cert.pem https://git.cryptolib.org
curl: (51) SSL: certificate verification failed (result: 5)

but sadly it’s not.

I also tried to do, as suggested here:

% openssl x509 -inform PEM -in cert.pem -text -out certdata.pem
% curl --cacert certdata.pem https://git.cryptolib.org

Which is not working, because that site (git.cryptolib.org) I’m using for testing is not self-signed, but it’s from the CACert chain, which can be solved by using the CACert root certificates, following this FAQ.

a few resources to dig:

But no definitive answer so far :-s

Related Posts:

  1. https connection using CURL from command line
  2. performing HTTP requests with cURL (using PROXY)
  3. How can I recursively find all files in current and subfolders based on wildcard matching?
  4. How to perform grep operation on all files in a directory?
  5. subprocess.Popen(): OSError: [Errno 8] Exec format error in python?
  6. How to substitute shell variables in complex text files
  7. How can I recursively find all files in current and subfolders based on wildcard matching?
  8. How to exclude a directory in find . command
  9. “sed” command in bash
  10. How to exclude a directory in find . command
  11. Shell command to tar directory excluding certain files/folders
  12. Pseudo-terminal will not be allocated because stdin is not a terminal
  13. Given two directory trees, how can I find out which files differ by content?
  14. Diff command along with Grep gives “Binary file (standard input) matches”
  15. Pseudo-terminal will not be allocated because stdin is not a terminal
  16. screen Cannot open your terminal ‘/dev/pts/0’ – please check
  17. curl: (6) Could not resolve host: google.com; Name or service not known
  18. ./configure : /bin/sh^M : bad interpreter
  19. What is the difference between “#!/usr/bin/env bash” and “#!/usr/bin/bash”?
  20. Is there a “goto” statement in bash?
  21. Implementing shell in C and need help handling input/output redirection
  22. Command to change the default home directory of a user
  23. Unable to establish SSL connection upon wget on Ubuntu 14.04 LTS
  24. Writing a simple shell in C using fork/execvp
  25. Implementation of multiple pipes in C
  26. chmod: changing permissions of ‘my_script.sh’: Operation not permitted
  27. What does “&” at the end of a linux command mean?
  28. What does set -e mean in a bash script?
  29. What does set -e mean in a bash script?
  30. wget returns “Unable to establish SSL connection”
  31. Syntax error near unexpected token ‘then’
  32. Curl : connection refused
  33. How to use sed to extract substring
  34. How do I know the script file name in a Bash script?
  35. https and wordpress breaks posts
  36. How to send user data from one website to another
  37. Shell command to monitor changes in a file
  38. SSL Certificate Location on UNIX/Linux
  39. What is “-bash: !”: event not found”
  40. What does ‘set -e’ do, and why might it be considered dangerous?
  41. How to add a timestamp to bash script log?
  42. Colors in bash after piping through less?
  43. How can I kill all stopped jobs?
  44. How to run command as user who has /usr/sbin/nologin as Shell?
  45. Curl: disable certificate verification
  46. Is there a way to do a remote “ls” much like “scp” does a remote copy?
  47. How do I join two named pipes into single input stream in linux
  48. How do I deal with a filename that starts with the hyphen (-) character?
  49. How can I symlink a file in Linux? [closed]
  50. Kill detached screen session [closed]
  51. How to get the url of the current svn repo?
  52. Amazon Linux: apt-get: command not found
  53. Pass a password to ssh in pure bash
  54. How can I find all *.js file in directory recursively in Linux?
  55. Argument list too long error for rm, cp, mv commands
  56. Difference between using “chmod a+x” and “chmod 755”
  57. ssh: Could not resolve hostname [hostname]: nodename nor servname provided, or not known
  58. Python subprocess.Popen “OSError: [Errno 12] Cannot allocate memory”
  59. Simple Java HTTPS server
  60. How to open some ports on Ubuntu?
  61. What does it mean to mount a file system in linux?
  62. -bash: fork: Cannot allocate memory
  63. Explanation of polkitd Unregistered Authentication Agent
  64. Bash script: bad interpreter
  65. PHP and mod_fcgid: ap_pass_brigade failed in handle_request_ipc function
  66. How to grep and replace
  67. How to recursively download a folder via FTP on Linux
  68. httpd: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName
  69. curl: (60) Peer’s Certificate issuer is not recognized.
  70. How to include file in a bash shell script
  71. Does Mac OS X use Linux?
  72. Issues with installing python libraries on Windows : CondaHTTPError: HTTP 000 CONNECTION FAILED for url
  73. bash sh – command not found 
  74. Disable SSL / HTTPS for wordpress
  75. Hosting multiple WordPress sites on single server – best practices?
  76. After updating site to use SSL all images in posts point to http://
  77. In WP versions >= 4.0, is FORCE_SSL_LOGIN forcing HTTPS for the entire admin session?
  78. Gravity Forms not loading under https, jQuery is not defined
  79. Occasional HTTPS Mixed Content Warning
  80. WordPress site shows “File not found.” if opened through https
  81. wordpress http to https windows server
  82. Locked out of admin and some pictures don’t show after failed SSL installation
  83. Generate HTTPS Urls in multisite
  84. URLs not being output with https
  85. How to enable http (not just https) in wordpress?
  86. WordPress Multisite keeps redirecting to HTTPS
  87. I get “too many redirects” problem when migrating localhost site
  88. Not logged in when using http
  89. What are some best practices to clean up http mix content warnings?
  90. How to force static assets with HTTP sources to load over HTTPS?
  91. Why is my crontab not working, and how can I troubleshoot it?
  92. Why is “chmod -R 777 /” destructive?
  93. How to check if a library is installed?
  94. Is it normal to get hundreds of break-in attempts per day?
  95. How do I prevent accidental rm -rf /*?
  96. What does Virtual memory size in top mean?
  97. What’s the best way to check if a volume is mounted in a Bash script?
  98. How do I find the UUID of a filesystem
  99. Find out symbolic link target via command line
  100. Meaning of directories on Unix and Unix like systems

Leave a Comment

tech