curl | permanently disable ssl check?

F

FlorinMarian

Hi!
I have a private subdomain which is self signed and curl doesnt call it because it says:
Code: 
SSL certificate problem: self signed certificate
is there any way to permanently disable this option ? (not with extra arguments when calling curl)

Thank you!
 
If you're in control of the machine this is running on, add that certificate to the trusted ones?

Globally disabling certificate checks MIGHT be possible (I don't know), but would render the whole point of SSL moot…

FlorinMarian said:
(not with extra arguments when calling curl)
Click to expand...
If you just want to avoid typing, maybe create a shell alias for "insecure curl"? I didn't try, but this could be the option you're looking for:
Code: 
       -k, --insecure
              (TLS) By default, every SSL connection curl makes is verified to
              be secure. This option allows curl to proceed and operate even
              for server connections otherwise considered insecure.
              [...]
 
Zirias said:
If you're in control of the machine this is running on, add that certificate to the trusted ones?

Globally disabling certificate checks MIGHT be possible (I don't know), but would render the whole point of SSL moot…


If you just want to avoid typing, maybe create a shell alias for "insecure curl"? I didn't try, but this could be the option you're looking for:
Code: 
       -k, --insecure
              (TLS) By default, every SSL connection curl makes is verified to
              be secure. This option allows curl to proceed and operate even
              for server connections otherwise considered insecure.
              [...]
Click to expand...
Can u tell me, please - how to add my certs to trust list?
Thank you!
 
Create a symlink to the certificate in /etc/ssl/certs, named <hash>.0.
To find the hash, run openssl x509 -in <yourcert> -noout -hash.

edit: Late side notes:
  • If there's a hash collision, increment the extension. E.g. I have cd8c0d63.0 and cd8c0d63.1 there.
  • Q to other readers: Is there a tool to add these symlinks in a convenient way? ;)
 
You must log in or register to reply here.
Back
Top