a>。 一些资源: http://curl.haxx.se/docs/sslcerts.html http:/ /curl.haxx.se/mail/archive-2012-01/0049.html https://turboflash.wordpress.com/2009/06/23/curl-adding-installing-trusting -new-self-signed-certificate / http://curl.haxx.se/docs/caextract.html 但是没有确定的答案到目前为止:-s I am trying to run the following CURL command but I am getting a SSL Certificate error:curl https://example.com:8443/cli/agentCLI -u username:passwordError:How would I fix this issue to allow for SSL URLs? 解决方案 if you're using a self signed certificate on the server, you can use:curl -k https://example.com:8443/cli/agentCLI -u username:passwordbut be aware that then it's no better than using non SSL connection to the server, as your communication won't be secure anymore, enabling all sorts of man in the middle attacks.Though my advice to you is to download the .pem from the server:that is usually found in /etc/ssl/ if you have access to the server,or that you can download,using: echo "HEAD / HTTP/1.0\n Host: example.com\n\n EOT\n" | openssl s_client -prexit -connect example.com:8443 > cert.pemto your computer, keep only the part between BEGIN CERTIFICATE and END CERTIFICATE within the file (including the BEGIN/END lines) and give it as parameter to the --cacert option, you might also download it. Then you'll get to authenticate your server each time you connect!curl --cacert cert.pem https://example.com:8443/cli/agentCLI -u username:passwordTesting on my own self-signed server, it's working fine:% openssl s_client -showcerts -connect example.com:443 </dev/null 2>/dev/null | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' | grep -m1 -B-1 -- '-----END CERTIFICATE-----' > cert.pem% curl --cacert cert.pem https://example.comfor an example that should be working:% openssl s_client -showcerts -connect git.cryptolib.org:443 </dev/null 2>/dev/null | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' | grep -m1 -B-1 -- '-----END CERTIFICATE-----' > cert.pem% curl --cacert cert.pem https://git.cryptolib.orgcurl: (51) SSL: certificate verification failed (result: 5)but sadly it's not.I also tried to do, as suggested here:% openssl x509 -inform PEM -in cert.pem -text -out certdata.pem% curl --cacert certdata.pem https://git.cryptolib.orgWhich is not working, because that site (git.cryptolib.org) I'm using for testing is not self-signed, but it's from the CACert chain, which can be solved by using the CACert root certificates, following this FAQ.a few resources to dig:http://curl.haxx.se/docs/sslcerts.htmlhttp://curl.haxx.se/mail/archive-2012-01/0049.htmlhttps://turboflash.wordpress.com/2009/06/23/curl-adding-installing-trusting-new-self-signed-certificate/http://curl.haxx.se/docs/caextract.htmlcurl self-signed certificate web service over SSLBut no definitive answer so far :-s 这篇关于https(SSL)的curl命令的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持! 上岸,阿里云!