I 'd like curl to work with sites signed by goDaddy:
If I call
curl mypage.com/bla
I am getting a certificate verification error. I tried getting the ca certificate with this snippet:
echo | openssl s_client -connect mysite.com:443 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem
and afterwards calling
curl mypage.com/bla --cacert cert.pem
which also caused a verification error. I checked the certificate date and subject and everything seems fine?
What am I missing? Do I maybe need the whole chain? If yes, is there a command to get it all?
Best Answer
CA in cacert means certification authority. You should specify the cert or cert path of the authority that signed your certificate, not your certificate itself
the command
should list an issuer line. you should get the issuer certificate and include it the cacert pem file
( in your case searching godaddy cert chain lead to https://certs.godaddy.com/repository )