114

Hello i want to use an API for a website but there an error with my curl command.

I want to disable SSL certificate verification.

curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Zach Smith
  • 8,458
  • 13
  • 59
  • 133
Micky
  • 1,295
  • 3
  • 8
  • 5
  • You should show your code. As written, this is just a question about how to run commands. Based on your code the community might be able to suggest how to use the proper CA for the connection instead of disabling it altogether. Your strategy leaves a lot to be desired. Also see [The most dangerous code in the world: validating SSL certificates in non-browser software](http://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html). – jww Feb 27 '18 at 17:39
  • 2
    curl -k htps://target-site.com – Siwei Apr 07 '22 at 23:19

1 Answers1

185

Simply add the -k switch somewhere before the url.

Disclaimer: Use this at your own risk.

man curl | less +/--insecure

-k, --insecure (TLS) By default, every SSL connection curl makes is verified to be secure. This option allows curl to proceed and operate even for server connections otherwise considered insecure.

The server connection is verified by making sure the server's certificate contains the right name and verifies successfully using the cert store.

See this online resource for further details: https://curl.haxx.se/docs/sslcerts.html

See also --proxy-insecure and --cacert

Community
  • 1
  • 1
Gilles Quénot
  • 173,512
  • 41
  • 224
  • 223