curl – SSL证书错误

前端之家收集整理的这篇文章主要介绍了curl – SSL证书错误前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我正在使用key,ca,cert in options测试对本地节点服务器的SSL访问(自签名w OpenSSL)
var server_options = {
  key: fs.readFileSync('/etc/ssl/self-signed/server.key'),ca: fs.readFileSync('/etc/ssl/self-signed/server.csr'),cert: fs.readFileSync('/etc/ssl/self-signed/server.crt')
};

试图访问它:

curl -v --user 1234567890:abcdefghijklmnopqrstuvwxyz --data "grant_type=password&username=yves&password=123456789" https://macMini.local:8000/oauth/token

使用curl我收到以下错误

curl: (60) SSL certificate problem,verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify Failed

我从http://curl.haxx.se/ca/cacert.pem下载了ca证书并将它们添加到我的curl-ca-bundle-new.crt文件中,正如一些与curl相关的帖子中所建议的那样……但是没办法

这是日志

  • About to connect() to macMini.local port 8000 (#0)
    • Trying 192.168.1.14…
    • connected
    • Connected to macMini.local (192.168.1.14) port 8000 (#0)
    • SSLv3,TLS handshake,Client hello (1):
    • SSLv3,Server hello (2):
    • SSLv3,CERT (11):
    • SSLv3,TLS alert,Server hello (2):
    • SSL certificate problem,verify that the CA cert is OK. Details:
      error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify Failed
    • Closing connection #0
      curl: (60) SSL certificate problem,verify that the CA cert is OK. Details:
      error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify Failed
      More details here: 07001

我知道我可以绕过Curl CA检查,使用:

curl -k -v --user 1234567890:abcdefghijklmnopqrstuvwxyz --data "grant_type=password&username=yves&password=123456789" https://macMini.local:8000/oauth/token

在这种情况下运行正常,我可以看到:

SSL certificate verify result: self signed certificate (18),continuing anyway.

但是我想知道是否有办法解决这个问题……

解决方法

这是您应该添加到CA捆绑包的自签名证书.否则,curl无法知道它可以信任.

猜你在找的Linux相关文章