Ignore SSL Certificate Check with Curl

Ignore SSL Certificate Check with Curl

When sending requests with Curl, the default operation includes verifying the server's SSL certificate. This is crucial for ensuring secure communication and confirming the server's identity. However, there are scenarios, like testing and development, where it might be necessary to bypass SSL certificate checks. This tutorial explains how to ignore SSL certificate check with a Curl.

Warning: Skipping SSL certificate checks can make your application vulnerable to security threats like man-in-the-middle attacks. Always verify SSL certificates in production.

For example, if you wish to send a GET request to a server, you typically use:

curl https://self-signed.badssl.com

If SSL certificate is self-signed, you will get an error like this:

curl: (60) SSL certificate problem: self-signed certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

To ignore SSL certificate, add the -k or --insecure option to your curl command:

curl -k https://self-signed.badssl.com
curl --insecure https://self-signed.badssl.com

It bypasses SSL certificate check, and shows the response from the server.

Leave a Comment

Cancel reply

Your email address will not be published.