cUrl with mutual authentication
Yes you need to add --cacert
option to the curl command if you have it downloaded or a self-signed certificate (in my case)
curl --key client.key --cert client.crt --cacert bundle.pem -X GET -v https://x.x.x.x:xxxx/folder/endpoint
.
The bundle.pem
has the server.crt and rootCA.crt.
cat server.crt rootCA.crt >> bundle.pem
Your error message is :
unable to get local issuer certificate
That means curl is unable to find the certificate of the issuer (the CA who sign the server certificate) from the trust store :
/etc/ssl/certs/ca-certificates.crt
All you have to do is download the CA certificate and add it to the trust store.