How to use curl with a SSL URL to get a 200 OK

curlhttps

I'm trying to use curl to get the HTTP status of a GET request:

curl --insecure --silent --show-error --connect-timeout 1 -I https://host:8443/health

Note: I'm using the --insecure flag in this command.

I get the following output:

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Accept-Ranges: bytes
Last-Modified: Wed, 16 May 2012 03:05:24 GMT
Content-Type: text/html
Content-Length: 1234
Date: Wed, 16 May 2012 08:57:30 GMT

When I navigate to this URL in a browser, it works fine and I get a 200 OK.

How can get a 200 OK from the curl command? Can I export the PEM cert from the browser and use it some way?

Best Answer

You can export the cert from your browser and use it with cURL. From the man page :

-E, --cert [certificate][:password]

(SSL) Tells curl to use the specified client certificate file when getting a file with HTTPS, FTPS or another SSL-based protocol. The certificate must be in PEM format. If the optional password isn't specified, it will be queried for on the terminal. Note that this option assumes a "certificate" file that is the private key and the private certificate concatenated! See --cert and --key to specify them independently.

If curl is built against the NSS SSL library then this option can tell curl the nickname of the certificate to use within the NSS database defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be loaded. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname.

If this option is used several times, the last one will be used.

Related Question