How to Fix "curl: (60) SSL certificate problem"

One of my customers has a problem with an SSL certificate (HTTPS). The website is normal when accessed using a web browser, HTTPS runs well. But when accessed using the cURL tool, an error arises and fails to connect to the web server.

cURL (client URL) is a tool that functions to transfer data through URLs. cURL is commonly found on Linux / Unix-like operating systems.

cURL or the cURL library are usually used to access the RESTful web service.

Back to the problem, when running the curl command to the website, a error message appears curl: (60) SSL certificate problem: unable to get local issuer certificate.

curl -I https://domain.com

curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

curl -I https://domain.com

curl: (60) SSL certificate problem: unable to get local issuer certificate

More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not

establish a secure connection to it. To learn more about this situation and

how to fix it, please visit the web page mentioned above.

The error message above explains that curl does not recognize the party that issued the SSL certificate installed in the domain.

Failed to verify server validity and cannot continue connecting to the server for security reasons.

Solution

The solution to the problem above is to merge the .crt file with the ca-bundle file via the cat command.

cat domain_com.crt domain_com.ca-bundle > domain_com.ssl

1	cat domain_com.crt domain_com.ca-bundle > domain_com.ssl

The file generated from the merge process above is then entered into the web server configuration as an SSL certificate file.

Example of SSL configuration on Nginx web server.

ssl on;
ssl_certificate /etc/ssl/domain_com.ssl;
ssl_certificate_key /etc/ssl/domain_com.key;

ssl on;

ssl_certificate /etc/ssl/domain_com.ssl;

ssl_certificate_key /etc/ssl/domain_com.key;

Restart the web server and then try testing access the website again with curl.

curl -I https://domain.com

HTTP/2 200 
server: nginx/1.16.1
date: Sat, 09 Nov 2019 09:48:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
last-modified: Sat, 09 Nov 2019 09:17:52 GMT

curl -I https://domain.com

HTTP/2 200

server: nginx/1.16.1

date: Sat, 09 Nov 2019 09:48:12 GMT

content-type: text/html; charset=UTF-8

vary: Accept-Encoding

x-powered-by: PHP/7.1.33

last-modified: Sat, 09 Nov 2019 09:17:52 GMT

curl has successfully accessed a website

If you found this article helpful and would like to support my work, consider making a donation through PayPal. Your support helps me continue creating useful content and tutorials. Thank you!

Donate via PayPal: https://paypal.me/musaamin

How to Fix “curl: (60) SSL certificate problem”

Solution

How to Deploy Rust Web Application on Ubuntu

Cara Deploy Rust Web App di Ubuntu

How to Deploy Go Web Application on Ubuntu

Cara Deploy Go Web App di Ubuntu

How to Install Directus on Ubuntu 24.04

Cara Install aaPanel Hosting Control Panel

Cara Setting Load Balancing dengan Nginx

Cara Install CKAN untuk Open Data Portal di Ubuntu 20.04

Review VPS Vultr • Gratis Saldo $100

Cara Install dan Setting DNS Server di CentOS 7 pada Jaringan LAN

Leave a ReplyCancel Reply