curl: (56) Peer does not recognize and trust the CA that issued your certificate.

Solution Verified - Updated -

Issue

  • curl: (56) Peer does not recognize and trust the CA that issued your certificate.
[root@test ~]# curl -vv -k --cert /<path>/cert.pem --key /<path>/key.key https://<web_address>
* About to connect() to <website address> port 443 (#0)
*   Trying <ip_address>...
* Connected to <web_address> (<ip_address>) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
*   subject: CN=<web_address>,OU=ITA22,O=<Issuer Name>,L=Turin,C=IT
*   start date: Jan 11 00:00:00 2018 GMT
*   expire date: Feb 10 12:00:00 2019 GMT
*   common name: <web_address>
*   issuer: CN=GeoTrust RSA CA 2018,OU=www.digicert.com,O=DigiCert Inc,C=US
> GET /LFI/?wsdl HTTP/1.1
> User-Agent: curl/7.29.0
> Host: <web_address>
> Accept: */*
> 
* skipping SSL peer certificate verification
* NSS: client certificate from file
*   subject: CN=<web_address>,OU=ITA22,O=<Issuer Name>,L=Turin,C=IT
*   start date: Jan 11 00:00:00 2018 GMT
*   expire date: Feb 10 12:00:00 2019 GMT
*   common name: <web_address>
*   issuer: CN=GeoTrust RSA CA 2018,OU=www.digicert.com,O=DigiCert Inc,C=US
* SSL read: errno -12195 (SSL_ERROR_UNKNOWN_CA_ALERT)
* Peer does not recognize and trust the CA that issued your certificate.
* Closing connection 0
curl: (56) Peer does not recognize and trust the CA that issued your certificate.
[root@test ~]#

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.