SSL issues

[darkvertex]

Seeing a lot of this when calling https:// urls with valid certs and the calls fail:

curl: (77) error setting certificate verify locations:  CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none

I can bypass it in the meantime by adding --insecure.

[hellojukay]

+1

[tiberndt]

+1

[bittorf]

If ca-certificates.crt is missing, you can symlink your ca-bundle or call it directly, see:

[root@box ~]# ls -l /etc/ssl/certs/ca-certificates.crt
ls: cannot access /etc/ssl/certs/ca-certificates.crt: No such file or directory

[root@box ~]# find / -xdev -name ca-bundle.crt
/etc/pki/tls/certs/ca-bundle.crt

# test if it works:
[root@box ~]# curl-static --cacert /etc/pki/tls/certs/ca-bundle.crt https://your-test-call && echo OK
...
OK

# symlink:
[root@box ~]# ln -s /etc/pki/tls/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt && echo OK
OK

# check symlink:
[root@box ~]# ls -l /etc/ssl/certs/ca-certificates.crt
lrwxrwxrwx. 1 root root 32 Mar  4 10:56 /etc/ssl/certs/ca-certificates.crt -> /etc/pki/tls/certs/ca-bundle.crt

# test again:
[root@box ~]# curl-static https://your-test-call && echo OK
...
OK