What certificates does 'curl' use by default?

3.2k Views Asked by HorstKevin At 16 April 2025 at 07:37

Example:

curl -I -L https://cruises.webjet.com.au

fails on Ubuntu 15.04 with

curl: (60) SSL certificate problem: unable to get local issuer certificate

But when I add the root certificate (see https://www.ssllabs.com/ssltest/analyze.html?d=cruises.webjet.com.au&latest) and run

curl -I -L --cacert downlaodedCert.pem https://cruises.webjet.com.au

everything is fine. So I guess 'curl' doesn't use this root certificate by default.

But how can I see which certs it uses?

Original Q&A

There are 1 best solutions below

Rikard Söderström On 16 June 2015 at 08:32 BEST ANSWER

curl uses its own bundle of ca certificates.

So normally you need to add trusted server, one way of doing so is the way you did. Another way if you for example are using Firefox is certutil

You can also extract the ca certs off your Firefox installation, if you just have the 'certutil' tool installed and run the firefox-db2pem.sh script!

Hope you find this information helpful :)

Note: The script is a shell script, so if you are on windows it will be a bit more complicated to use. Might still be possible using msys or cygwin. But by then it starting to become more work than it probably is worth.

What certificates does 'curl' use by default?

There are 1 best solutions below

Related Questions in CURL

Related Questions in CERTIFICATE

Trending Questions

Popular # Hahtags

Popular Questions