I am trying to connect to application on localhost which uses SSL. I am using Mac OS X Mavericks. The error I am getting is following:
Error sending cURL get request to https://dev.site.com:5555/version
Error code: 60 Error msg: SSL certificate problem: Invalid certificate chain
I tried to add certificates to the chain:
/usr/bin/security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" /etc/path/ca_key.pem
Still getting the same error.
The option --with-openssl
no longer works as of
https://github.com/Homebrew/homebrew-core/pull/36263
Just install curl-openssl
instead of curl
.
$ brew install curl-openssl
$ /usr/local/opt/curl-openssl/bin/curl --version
curl 7.64.1 (x86_64-apple-darwin18.2.0) libcurl/7.64.1 OpenSSL/1.0.2r zlib/1.2.11 brotli/1.0.7 c-ares/1.15.0 libssh2/1.8.2 nghttp2/1.38.0 librtmp/2.3
Release-Date: 2019-03-27
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz Metalink NTLM NTLM_WB SPNEGO SSL TLS-SRP UnixSockets
In some cases will be better to use standard curl (eg if you develop on Mac code for Linux or *BSD). In this case you can do like that:
Install Homebrew
Install curl with standard certificates support (no more Keychain certs).
brew install curl --with-openssl && brew link curl --force
Install root CA certs from http://curl.haxx.se/ca/cacert.pem into /usr/local/etc/openssl/certs/cacert.pem
Add into your ~/.bash_profile
export CURL_CA_BUNDLE=/usr/local/etc/openssl/certs/cacert.pem
After 4 steps you can use curl with certificates from file, not from Keychain.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With