SSL证书验证失败,如何找出导致它的原因?

我最近在Namecheap获得了PositiveSSL证书并将其安装在我的服务器上。从Firefox访问该站点工作正常,但从Ruby的net / https库访问它不起作用:即使我已指定证书路径并且我已检查该文件是否可读,它仍无法验证连接证书。卷曲也失败了: 
curl --cacert /path/to/cert https://mysite.com/
它简单地说是这样的: 
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
“证书验证失败”不是一个非常有用的错误消息。我如何找出我的证书到底出了什么问题以及该怎么办?我发现它在浏览器中工作但在其他任何地方都不起作用令人困惑。     
2019-10-03 2 条评论
分享

没有找到相关结果

    已邀请:

    锯康

    看起来像curl要求CA证书文件包含链中的所有证书。我已经下载了所有这些并将它们组合成一个文件,现在Curl和Ruby都很高兴。     
    2019-10-03 0 0
    分享
    为什么被折叠? 0 个回复被折叠

    要回复问题请先登录注册

    或代码 OrCode.com 备案号:粤ICP备15020848号-1
    Escape time: 0.038655996322632