Reddy
Reputation: 993
SSL without CA root with openssl s_client
So, I've key and cert file which are using without problem with CURL.
curl -k --key key --cert cert --url myurl
No problem with it. Buf if test connection with openssl s_client i've error 19 self-signed cert in chain.
openssl s_client -key key -cert cert -connect myurl:443
So, seems openssl must have alternative option '-k' of curl which means insecure, allow connections to SSL sites without certs (H). Somebody knows it?
Upvotes: 5
Views: 29992
Answers (1)
Bruno
Reputation: 122649
curl will simply not make the connection at all without -k if the certificate isn't trusted.
In contrast, openssl s_client will make the connection anyway, but will display a warning if the certificate isn't trusted. (You would have to specify a list of trusted CA certificates using -CApath or -CAfile to get rid of that warning.)
Upvotes: 14
Related Questions
- Using curl with --cert
- curl with client certificate authentication
- Getting error in Curl - Peer certificate cannot be authenticated with known CA certificates
- Access server with client certificate using s_client but not curl?
- Authentication with client certificates
- How to give CRL to openssl s_client?
- openSSL sign https_client certificate with CA
- SSL certificate generated with OpenSSL not working on NSS
- Open SSL get certificate from server
- Forward SSL Client certificate using php_curl