当我尝试跟随curl
devendermishra@myhost:~$ curl https://iam.endpoint.com curl: (60) SSL certificate problem: self signed certificate More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. 但是,当我明确提到CA证书文件,它工作正常。
devendermishra@myhost:~$ curl --cacert /etc/ssl/certs/ca-certificates.crt https://iam.endpoint.com {"error": {"message": "Auth Signature not provided", "code": 401, "title": "Unauthorized"}}
端点或安装在CA证书中的问题是什么?
我怀疑libcurl没有被编译去查找那个位置。 您可以通过运行curl-config --ca来显示libcurl使用的CA cert bundle的内置path。 您还可以通过运行curl-config --configure来显示在构build时传递的参数。 我怀疑第一个命令将不会返回(标志不存在和自动检测不起作用),后面的命令将会丢失预期的标志。
更多信息可以在这里find: