1

I am new to posting questions here, so pardon my way of asking. I am hitting a secure REST API through a curl command like the one below.

curl -X GET -H "Authorization: Bearer ${Token}" https://localhost/student-sevice/list-of-student

I am getting an error like the one below:

Curl(60) SSL certificate problem: Self signed certificate. Curl failed to verify the legitimacy of the server and therefore could not establish secured connection

chandan kumar

1 Answer

7

It is because your localhost server's SSL certificate is self-signed (signed by itself) and not signed by a well-known Certificate Authority (CA).

This makes curl (or any HTTPS client, such as a browser like Chrome) unable to guarantee that the certificate is worthy of trust, because basically that certificate is saying: 'trust me, I am who I say I am', but in practice there is nothing backing that affirmation. That is precisely the role of an external CA: to validate that the identity in the signed certificate truly belongs to who it claims to be (https://en.m.wikipedia.org/wiki/Certificate_authority).

You can bypass curl CA validation with the insecure -k flag (https://linux.die.net/man/1/curl), like this:

curl -X GET -H "Authorization: Bearer ${Token}" -k https://localhost/student-sevice/list-of-student

However, I would strongly recommend that you replace your server certificate with one validated by a well-known CA to avoid further problems.

See also, duplicate of: How to disable cURL SSL certificate verification
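
For a local test server, a way to keep verification on instead of using -k is to give curl the server's own certificate as its trust anchor with --cacert. The following is an added example, not part of the original answer; the helper names and the server.key/server.crt file names are hypothetical, and it assumes the openssl command-line tool is installed.

```shell
#!/bin/sh
# Added example: trust one specific self-signed certificate instead of
# disabling verification with -k. Helper and file names are assumptions.

# Create a self-signed certificate for "localhost" (constructed test material).
# The subjectAltName matters: clients match the requested host name against it.
make_localhost_cert() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=localhost" \
        -addext "subjectAltName=DNS:localhost" \
        -keyout "$dir/server.key" -out "$dir/server.crt" 2>/dev/null
}

# Default trust store only: fails for a self-signed certificate, which is the
# condition behind curl's error 60.
verify_with_default_store() {
    openssl verify "$1" >/dev/null 2>&1
}

# Use the certificate as the only trust anchor and check the host name too,
# the same two checks curl performs when given --cacert.
verify_pinned() {
    cert=$1; host=$2
    openssl verify -CAfile "$cert" -verify_hostname "$host" "$cert" >/dev/null 2>&1
}

# The request from the question with verification left on.
# Token is expected in the environment; double quotes let the shell expand it.
call_api() {
    cert=$1
    curl --cacert "$cert" -H "Authorization: Bearer ${Token}" \
        https://localhost/student-sevice/list-of-student
}
```

Install server.key and server.crt in the local server, then run `call_api /path/to/server.crt`; the request succeeds only if the server presents that exact certificate and the host name matches.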