You are using the application cURL to send or retrieve files and web pages from a secured (HTTPS) site but it's failing to establish a connection and showing certificate errors.
Example of error message with cURL for Windows
C:\curl https://www.purple.com
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
This issue is caused by one of the following reasons:
(Please note that a Linux OS can only be protected via IPSec tunnel or Proxy Forwarding access methods).
Add the WSS root certificate to the your operating system store:
Windows:
Ubuntu/Debian
Create a directory for extra CA certificates in /usr/share/ca-certificates
:
sudo mkdir /usr/share/ca-certificates/extra
Copy the CertEmulationCA.crt
file to this directory:
sudo cp CertEmulationCA.crt /usr/share/ca-certificates/extra/CertEmulationCA.crt
Update ca-certificates configuration to include the recently imported certificate.
sudo dpkg-reconfigure ca-certificates
Alternatively, you can instruct cURL to use the certificate when running the command:
curl --cacert c:\temp\CertEmulationCA.crt https://www.securesite.com/