Windows – Why can’t cURL properly verify a certificate on Windows

curlwindows

When I try to use Curl on windows, to retrieve an https url, I get the dreaded "connection error (60)."

enter image description here

The exact error message is:

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html

How to resolve this?

Best Answer

I don't know why but I did not find this information all in one place.

Download the SSL-aware version of Curl, or build the SSL-aware version yourself.
From http://curl.haxx.se/docs/caextract.html , Download the cacert.pem file.
Place the curl.exe and the .pem file in the same directory.
Rename the cacert.pem file to curl-ca-bundle.crt
Re-run curl.exe !

EDIT:

There are other ways to solve the problem. this particular way relies on a cacert produced by the maker of Curl. That may not be what you want, and in particular, it may not work for cases where you have a less-than-well-known certifying authority (such as an authority known only to your corporation) for the certificate used by the SSL site. In that case, you will want to generate your own curl-ca-bundle.crt file. You can use certreq.exe and openssl.exe to export such a cert from the IE/Windows store, and then convert-to-pem-format, respectively.

Best Answer

Related Solutions

CURL hangs trying to upload file from stdin

Linux – Curl Couldn’t resolve host for HTTPS

Related Question