Sometimes your testing scenario or cycle is so far ahead of your infrastructure that you don't even have time or opportunity to procure proper SSL certificates for you website.
If there's a certificate missing or expired, or a domain name mismatch in the certificate of the website you're connecting to, most of browsers and command line tools will warn you.
For instance, curl will show you something like this:
greys@mcfly:~ $ curl https://unixtutorial.test curl: (60) SSL: no alternative certificate subject name matches target host name 'unixtutorial.test' More details here: https://curl.haxx.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.
If you really know what you're doing, it's possible to ignore SSL warnings and attempt to download the content anyway.
WARNING: by really knowing what you're doing I mean understanding of what SSL errors mean. For instance, the one above is suggesting that webserver doesn't have a domain like unixtutorial.test in its certificates – so even though the download may succeed, we'll probably get wrong content (some other website's content).
How To Make curl Ignore SSL Warnings
Specify the –insecure option for curl and it will ignore the SSL warnings and download the content anyway:
greys@mcfly:~ $ curl --insecure https://unixtutorial.test Site Not Configured | 404 Not Found <br /> @import url(//fonts.googleapis.com/css?family=Open+Sans:300);</p> <pre><code>body { color: #000; font-family: 'Open Sans Regular', Helvetica, Arial, sans-serif;</code></pre>
As I predicted, the webserver returned content, but it's actually a "Not Found" page because there's no such website (unixtutorial.test is a fictitious domain) found.
That's it for today!
Leave a Reply