153

I am developing and I need to access https://localhost. I know the certificate will not match. I just want curl to ignore that. Currently it gives me the following error message:

curl: (51) SSL peer certificate or SSH remote key was not OK

Is it possible to tell curl to perform the access anyway?

Improve this question
1

3 Answers 3

Reset to default
204

Yeah, you can do that. From curl --help or man curl:

-k, --insecure

(SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate bundle installed by default. This makes all connections considered "insecure" fail unless -k, --insecure is used.

See this online resource for further details: http://curl.haxx.se/docs/sslcerts.html

Improve this answer
2
  • 3
    right, I just found it myself. I looked for it yesterday and it was not there! :) Commented Jan 16, 2013 at 23:12
  • I still see the "(51) SSL peer certificate ... was not ok" message with -k Commented Jan 12, 2016 at 10:40
24

curl -k or curl --insecure does NOT fix this particular error condition:

curl: (51) SSL peer certificate
Improve this answer
1
  • 3
    The SSL peer certificate error occurs when validation of the trust chain (not the actual certificate) fails. My first recommendation would be to update the CA bundle on the machine Commented Jul 30, 2014 at 10:35
11

If you truly want to disable curl SSL verification, by default, for ALL use cases, you can do as suggested in this Unix stack exchange answer:

$ echo insecure >> ~/.curlrc

Now should you do this? No, as this is avoiding security checks you should have in place... but if you really really want to do this, caveat emptor!

Improve this answer
1
  • This is really good. Commented May 5 at 19:10

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.