macos - SSL Certificates - OS X Mavericks

Question

I am trying to connect to application on localhost which uses SSL. I am using Mac OS X Mavericks. The error I am getting is following:

Error sending cURL get request to https://dev.site.com:5555/version  
Error code: 60 Error msg: SSL certificate problem: Invalid certificate chain

I tried to add certificates to the chain:

/usr/bin/security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" /etc/path/ca_key.pem 

Still getting the same error.

Answer 1

In some cases will be better to use standard curl (eg if you develop on Mac code for Linux or *BSD). In this case you can do like that:

1. Install Homebrew

2. Install curl with standard certificates support (no more Keychain certs).

   brew install curl --with-openssl && brew link curl --force

3. Install root CA certs from http://curl.haxx.se/ca/cacert.pem into /usr/local/etc/openssl/certs/cacert.pem

4. Add into your ~/.bash_profile

   export CURL_CA_BUNDLE=/usr/local/etc/openssl/certs/cacert.pem

5. After 4 steps you can use curl with certificates from file, not from Keychain.