CODEWITHSUNDEEP
bashcurlcygwingcutil
blue-sky
blue-sky

Reputation: 53826

How to fix certificate errors when using curl?

When I attempt to download from dl.google.com I receive this error : 

ERROR: The certificate of `dl.google.com' is not trusted.
ERROR: The certificate of `dl.google.com' hasn't got a known issuer.

Here is entire command output

$ curl https://dl.google.com/dl/cloudsdk/release/install_google_cloud_sdk.bash
| bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  3607  100  3607    0     0   2820      0  0:00:01  0:00:01 --:--:--  3125
bash: line 77: [: Files: binary operator expected
wget -O - https://dl.google.com/dl/cloudsdk/release/google-cloud-sdk.tar.gz > tm
p.4wwaU246zk/google-cloud-sdk.tar.gz
--2013-12-12 11:05:41--  https://dl.google.com/dl/cloudsdk/release/google-cloud-
sdk.tar.gz
Resolving my.proxy.com my.proxy.com)... x.x.x.x
Connecting to my.proxy.com (my.proxy.com)|x.x.x.x|:1234... conne
cted.
ERROR: The certificate of `dl.google.com' is not trusted.
ERROR: The certificate of `dl.google.com' hasn't got a known issuer.

Reading this question : How do I fix certificate errors when running wget on an HTTPS URL in Cygwin? an option is to "add the --no-check-certificate option on the wget command-line" but since I'm using curl instead of wget is there a similar option for above command ?

Update : I've tried 

curl -k https://dl.google.com/dl/cloudsdk/release/install_google_cloud_sdk.ba
sh | bash

But same error, could the proxy/firewall be blocking the connection ?

Upvotes: 0

Views: 4087

Answers (1)

hek2mgl
hek2mgl

Reputation: 158030

Original Answer:

You are searching for -k or (long) --insecure .. The man page is your friend ;) :

-k, --insecure (SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate bundle installed by default. This makes all connections considered "insecure" fail unless -k, --insecure is used. See this online resource for further details: http://curl.haxx.se/docs/sslcerts.html

Edit after update the question:

You showed that you are already using the -k option here. I had a deeper look into your code and the task to be done:

You are trying to download a shell script from google servers. They will have trusted certificate, means you need to remove the -k as it is insecure (like the name).

After download you piping the script directly to bash. So the first question is: Did the download of the script succeed? (Can you post the script to some pastebin, in order to make it possible to verify this for me?) Will go on explaining after this questions have been answered

Upvotes: 2

Related Questions