When I try to use Curl on windows, to retrieve an https
url, I get the dreaded "connection error (60)."
The exact error message is:
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
How to resolve this?
Best Answer
I don't know why but I did not find this information all in one place.
Download the SSL-aware version of Curl, or build the SSL-aware version yourself.
From http://curl.haxx.se/docs/caextract.html , Download the cacert.pem file.
Place the curl.exe and the .pem file in the same directory.
Rename the
cacert.pem
file tocurl-ca-bundle.crt
Re-run curl.exe !
EDIT:
There are other ways to solve the problem. this particular way relies on a cacert produced by the maker of Curl. That may not be what you want, and in particular, it may not work for cases where you have a less-than-well-known certifying authority (such as an authority known only to your corporation) for the certificate used by the SSL site. In that case, you will want to generate your own
curl-ca-bundle.crt
file. You can use certreq.exe and openssl.exe to export such a cert from the IE/Windows store, and then convert-to-pem-format, respectively.