Tag Archives: curl: (60) Peer certificate cannot be authenticated with known CA certificates

Curl https Error: curl: (60) Peer certificate cannot be authenticated with known CA certificates

The following error occurs when the code requests the address. It seems to be a problem with this site’s certificate

[root@local test]# ./httpClient
Post https://smartclass.xxx.com/interface/EduInterface.php: x509: certificate signed by unknown authority
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x40 pc=0x60cafb]

goroutine 1 [running]:
main.PostWebService(0x6a1729, 0x38, 0xc0000f4040, 0x3c, 0x0, 0x0, 0x0, 0x0)
/home/zhangxg/work/test/httpClient.go:16 +0x17b

main.main()

/home/zhangxg/work/test/httpClient.go:40 +0x193

Take a look with the curl command… # Ignore certificate check curl -k

[root@local ~]# curl https://smartclass.xxx.com/interface/EduInterface.php
curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a “bundle”
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the –cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or –insecure) option.

In this case, the problem of the certificate, if it is their own site, then from the agent that issued the certificate to the intermediate authorization certificate, the synthesis of the basic on the OK. The order is: from low to high

Certificate related links

If it is not your own site, then you need to add from the code to ignore the operation of the certificate check.