
Disable cert revocation check in unix/linux using curl command

I am using curl command to invoke a rest service. It is as follows:

curl -X POST --ssl-no-revoke --cacert xyz.pem -K urls.txt -H "Authorization:Basic XYZ" -H "Content-Type:application/json" -d @data.json

The above command is used to hit the service using one-way SSL and basic authorization. The data to be passed is enclosed in the data.json file and the URLs to be hit are enclosed in the urls.txt file.

The above command works perfectly in Windows, but when executed from Linux, it says:

curl: option --ssl-no-revoke: is unknown
curl: try 'curl --help' or 'curl --manual' for more information

I want to disable certificate revocation checks altogether. It looks like --ssl-no-revoke works on Windows but not Unix/Linux.

I would like to know if there is any alternative.

user3762991 asked Jul 02 '18 13:07


People also ask

How do I disable SSL certificate verification in curl?

If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

How do I ignore a certificate in curl command?

Make curl ignore SSL errors: when you try to use curl to connect to such a website, the output responds with an error. Note: The --insecure (-k) option is similar to the wget --no-check-certificate command used to avoid certificate authorities checking for a server certificate.

Does curl check SSL certificate?

libcurl performs peer SSL certificate verification by default. This is done by using a CA certificate store that the SSL library can use to make sure the peer's server certificate is valid.


2 Answers

ssl-no-revoke is Windows only. The only alternative I'm aware of is to have a valid certificate or not use SSL.

https://curl.haxx.se/docs/manpage.html

Terry Carmen answered Sep 20 '22 05:09


Using a valid certificate is not always a solution, as revocation checks will fail with a valid certificate too when there is no Internet connection (for example, in the presence of a captive portal).

One way is to disable certificate checking altogether, i.e.:

curl --insecure https://www.example.com

Note that this will greatly reduce security, as self-signed certificates will also be accepted, as well as revoked ones!

Selcuk answered Sep 23 '22 05:09
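
The trade-off in the answers above, as an added example that is not part of the original post or answers: a wrapper that passes --ssl-no-revoke only when the local curl reports the Windows Schannel/WinSSL backend, and otherwise keeps --cacert verification on rather than switching to --insecure. The function names and sample version lines are constructed for illustration, and the Authorization header from the question is left out.

```shell
#!/bin/sh
# Added example: pick the revocation flag per TLS backend instead of
# falling back to --insecure. The version lines below are constructed samples.
SAMPLE_LINUX='curl 7.58.0 (x86_64-pc-linux-gnu) libcurl/7.58.0 OpenSSL/1.1.1 zlib/1.2.11'
SAMPLE_WINDOWS='curl 7.55.1 (Windows) libcurl/7.55.1 WinSSL'

# Print the TLS backend named in the first line of `curl --version`.
# $1: that first line.
tls_backend() {
    case "$1" in
        *Schannel*|*WinSSL*) echo schannel ;;   # Windows native TLS
        *OpenSSL*|*LibreSSL*|*BoringSSL*) echo openssl ;;
        *GnuTLS*) echo gnutls ;;
        *) echo unknown ;;
    esac
}

# Print the revocation flag to pass for this curl build (empty if none).
revoke_flag() {
    case "$(tls_backend "$1")" in
        schannel) echo "--ssl-no-revoke" ;;
        *) echo "" ;;   # flag does not apply; never substitute --insecure
    esac
}

# Print the full command line for the question's request.
# Certificate verification against xyz.pem stays enabled in every case.
build_cmd() {
    flag=$(revoke_flag "$1")
    printf 'curl -X POST %s--cacert xyz.pem -K urls.txt -H "Content-Type:application/json" -d @data.json\n' "${flag:+$flag }"
}

# Stand-alone use: show the command for the samples and for the local curl.
build_cmd "$SAMPLE_LINUX"
build_cmd "$SAMPLE_WINDOWS"
if command -v curl >/dev/null 2>&1; then
    build_cmd "$(curl --version | head -n 1)"
fi
```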