curl request using a .cer
Question
I am new to ssl and openssl. I am trying to generate a curl request using a .cer file (without using the -k or -insecure flags). After generating the .pem file, I tried to issue the POST request the following way: curl --cacert certificate.pem -XPOST " https://server_ip:server_port?obj1=okay "
When I use my server IP address, I get the error message: curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.
If I use localhost.localdomain instead of the server_ip, the request is generated correctly.
I understand that ssl certificate can only certify one hostname. Is there a way to change the hostname to the server's ip address instead of localhost.localdomain?
Thank you
1 answers
solution1
0 2016-08-08 17:34:28
If I use localhost.localdomain instead of the server_ip, the request is generated correctly.
You must access a host using a host name that the certificate has been issued for. There really isn't much of a way around that with curl other than to use -insecure as you already specified you didn't want to do.
I understand that ssl certificate can only certify one hostname.
Most user agents, and just about all browsers, support Subject Alternative Names, which lets you specify many. Browsers will usually read the first 100 SANs. SANs can even support IP addresses.
Is there a way to change the hostname to the server's ip address instead of localhost.localdomain
Usually that is done through DNS. Though, since it looks like you are trying to use a loopback, you might just be able to edit your HOSTS file to contain whatever name you want to point to a loopback address.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.