When sending requests with Curl, the default operation includes verifying the server's SSL certificate. This is crucial for ensuring secure communication and confirming the server's identity. However, there are scenarios, like testing and development, where it might be necessary to bypass SSL certificate checks. This tutorial explains how to ignore SSL certificate check with a Curl.
Warning: Skipping SSL certificate checks can make your application vulnerable to security threats like man-in-the-middle attacks. Always verify SSL certificates in production.
For example, if you wish to send a GET request to a server, you typically use:
curl https://self-signed.badssl.com
If SSL certificate is self-signed, you will get an error like this:
curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
To ignore SSL certificate, add the -k
or --insecure
option to your curl
command:
curl -k https://self-signed.badssl.com
curl --insecure https://self-signed.badssl.com
It bypasses SSL certificate check, and shows the response from the server.
Leave a Comment
Cancel reply