问题描述
当我们更新网站证书之后,使用 Safari 正常,但是使用 curl 访问产生如下错误:
# curl https://xxxxx.example.com/ curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.haxx.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.
问题原因
HTTP Server Test Fails with SSL Error – ThousandEyes Documentation
解决方法
针对我们的问题,我们需要下载 RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 的 PEM 证书。
保存到 /usr/local/share/ca-certificates/extra/RapidSSLTLSDVRSAMixedSHA2562020CA-1.crt 文件
然后执行 update-ca-certificates 命令即可。
参考文献
DigiCert Root Certificates – Download & Test | DigiCert.com
How to import CA root certificates on Linux and Windows