我正在尝试在我的Linux服务器(Debian GNU/Linux 10 buster(和位于另一台服务器中的微服务之间建立通信。Telnet运行良好,但当我尝试执行curl时,我会收到以下错误:
$ curl "https://url.com.br/path"
curl:(60(SSL证书问题:无法获取本地颁发者证书此处提供更多详细信息:https://curl.haxx.se/docs/sslcerts.html
curl无法验证服务器的合法性,因此可能未与其建立安全连接。若要了解有关此的详细信息情况和如何解决,请访问上述网页在上面
我也有2.cer,但我不确定我应该做什么
编辑:
尝试按照@cashif的建议使用-kv执行,输出如下:
* Expire in 0 ms for 6 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 1 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Expire in 0 ms for 1 (transfer 0x556613046fb0)
* Trying IP...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x556613046fb0)
* Connected to url.com.br (IP) port 443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=BR; ST=SP; L=S㯠Paulo; O=EMPRESA; OU=SIT; CN=URL
* start date: Jun 22 19:02:03 2021 GMT
* expire date: Jun 21 19:02:03 2024 GMT
* issuer: DC=br; DC=com; DC=EMPRESA; CN=EMPRESA Subordinate CA - Novo
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET /PATH HTTP/1.1
> Host: URL
> User-Agent: curl/7.64.0
> Accept: */*
>
* TLSv1.2 (IN), TLS handshake, Hello request (0):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* old SSL session ID is stale, removing < HTTP/1.1 404 Not Found < Content-Type: text/html < Server: Microsoft-IIS/10.0 < Date: Fri, 18 Mar 2022 14:01:48 GMT < Content-Length: 1245 < <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>404 - File or directory not found.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
--> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>404 - File or directory not found.</h2> <h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3> </fieldset></div> </div> </body> </html>
* Connection #0 to host URL left intact
请先尝试无证书检查(k(和详细模式(v(。
curl -kv **url**:**port**
curl -kv "https://url.com.br/path"
更多信息请访问curl手册页。