curl (60) ssl certificate problem self signed certificate localhost at windows

Question

I am new here to post question, so pardon my way of asking. I am hitting a secure rest api through curl command like below.

curl -X GET -H 'Authorization: Bearer ${Token}' https://localhost/student-sevice/list-of-student

Getting error like below

Curl(60) SSL certficate problem: Self signed certificate. Curl failed to verify the legitimacy of the server and therefore could not establish secured connection

Answer 1

It is because you localhost server’s SSL certificate is self-signed (signed by itself) and not signed by a well known Certified Authority (CA).

This makes curl (or any https requester, like a browser as Chrome) not able to guarantee that the certifícate is worth of thrust, because basically that certificate is saying: ‘trust me, i am who i say i am’, but in practice there is nothing backing that affirmation. That is precisely the role of a external CA: validate that the identity of the signed certificate is truly from who claims to be (https://en.m.wikipedia.org/wiki/Certificate_authority)

You can bypass curl CA validation with the insecure -k flag (https://linux.die.net/man/1/curl), like this:

curl -X GET -H 'Authorization: Bearer ${Token}' -k https://localhost/student-sevice/list-of-student 

Whatsoever, I would strongly recommend that you change your server certificate with one validated by a well known CA to avoid further problems.

See also, duplicated of: How to disable cURL SSL certificate verification