개발서버 https 요청하기 - SSL certificate problem: Invalid certificate chain

개발서버에 공인 인증서를 설치하는 것은 부담스럽다. 따라서 10년에서 30년짜리 사설 인증서를 일반적으로 따로 설치해서 사용한다. 

curl로 https 요청하면  SSL certificate problem: Invalid certificate chain 에러가 발생한다.

$> curl 'https:/1.1.1.1/aaaaa'

curl: (60) SSL certificate problem: Invalid certificate chain

More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"

 of Certificate Authority (CA) public keys (CA certs). If the default

 bundle file isn't adequate, you can specify an alternate file

 using the --cacert option.

If this HTTPS server uses a certificate signed by a CA represented in

 the bundle, the certificate verification probably failed due to a

 problem with the certificate (it might be expired, or the name might

 not match the domain name in the URL).

If you'd like to turn off curl's verification of the certificate, use

 the -k (or --insecure) option.

쉽게 해결하려면 -k 추가 하면 된다. insecure 하게 통신하게 하도록 하도록 옵션을 주다. 

-k, --insecure

(SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate bundle installed by default. This makes all connections considered "insecure" fail unless -k, --insecure is used.

See this online resource for further details: http://curl.haxx.se/docs/sslcerts.html

$> curl  -k 'https:/1.1.1.1/aaaaa'