How do I deal with certificates using cURL while trying to access an HTTPS url?

I also had the newest version of ca-certificates installed but was still getting the error:

curl: (77) error setting certificate verify locations:
  CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none

The issue was that curl expected the certificate to be at the path /etc/pki/tls/certs/ca-bundle.crt but could not find it because it was at the path /etc/ssl/certs/ca-certificates.crt.

Copying my certificate to the expected destination by running

sudo cp /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt

worked for me. You will need to create folders for the target destination if they do not exist by running

sudo mkdir -p /etc/pki/tls/certs

If needed, modify the above command to make the destination file name match the path expected by curl, i.e. replace /etc/pki/tls/certs/ca-bundle.crt with the path following "CAfile:" in your error message.


This error is related to a missing package: ca-certificates. Install it.

In Ubuntu Linux (and similar distro):

# apt-get install ca-certificates

In CygWin via Apt-Cyg

# apt-cyg install ca-certificates

In Arch Linux (Raspberry Pi)

# pacman -S ca-certificates

The documentation tells:

This package includes PEM files of CA certificates to allow SSL-based applications to check for the authenticity of SSL connections.

As seen at: Debian -- Details of package ca-certificates in squeeze

Tags:

Https

Curl

Api