Ubuntu 7.47.0和7.58.0之间的自签名证书上的curl--cacert发生了什么？_Ubuntu_Curl_Openssl_Self Signed Certificate

Ubuntu 7.47.0和7.58.0之间的自签名证书上的curl--cacert发生了什么？

ubuntu curl openssl

Ubuntu 7.47.0和7.58.0之间的自签名证书上的curl--cacert发生了什么？,ubuntu,curl,openssl,self-signed-certificate,Ubuntu,Curl,Openssl,Self Signed Certificate,我有一个带有自签名证书的https服务器，我喜欢使用Ubuntu Xenial和Ubuntu Bionic中的curl--cacert cert.pem。赛尼尔作品。仿生没有这是我的最小复制器： for distribution in xenial bionic; do docker image build --tag curl-openssl:${distribution} --file - $(mktemp -d) <<EOF FROM ubuntu:${distrib

我有一个带有自签名证书的https服务器，我喜欢使用Ubuntu Xenial和Ubuntu Bionic中的

curl--cacert cert.pem

。赛尼尔作品。仿生没有

这是我的最小复制器：

for distribution in xenial bionic; do
    docker image build --tag curl-openssl:${distribution} --file - $(mktemp -d) <<EOF
FROM ubuntu:${distribution}
RUN apt-get -qy update && apt-get -qy install curl openssl
EOF
    docker container run -i --rm curl-openssl:${distribution} sh <<EOF
openssl version
curl --version
openssl s_client -showcerts -connect example.com:443 </dev/null 2>/dev/null \
    | sed -n "/BEGIN CERTIFICATE/,/END CERTIFICATE/p" \
    >cert.pem
curl -sS --cacert cert.pem https://example.com >/dev/null
EOF
done

Sending build context to Docker daemon  1.614kB
Step 1/2 : FROM ubuntu:xenial
 ---> 9361ce633ff1
Step 2/2 : RUN apt-get -qy update && apt-get -qy install curl openssl
 ---> Using cache
 ---> a2adb354b7f2
Successfully built a2adb354b7f2
Successfully tagged curl-openssl:xenial
OpenSSL 1.0.2g  1 Mar 2016
curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets
Sending build context to Docker daemon  1.583kB
Step 1/2 : FROM ubuntu:bionic
 ---> 94e814e2efa8
Step 2/2 : RUN apt-get -qy update && apt-get -qy install curl openssl
 ---> Using cache
 ---> 92ed1418e85e
Successfully built 92ed1418e85e
Successfully tagged curl-openssl:bionic
OpenSSL 1.1.1  11 Sep 2018
curl 7.58.0 (x86_64-pc-linux-gnu) libcurl/7.58.0 OpenSSL/1.1.1 zlib/1.2.11 libidn2/2.0.4 libpsl/0.19.1 (+libidn2/2.0.4) nghttp2/1.30.0 librtmp/2.3
Release-Date: 2018-01-24
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.