Let’s Encrypt Staging. Curl without the -k

Are you lazy and use '-k' to curl all the time when using Let's Encrypt staging? Or worse, use snake-oil? Or even worse, use just http for 'test'?

wget https://letsencrypt.org/certs/fakelerootx1.pem
curl --cacert fakelerootx1.pem https://my-site-issued-with-le-staging

There, how hard was that? Now you can test that the cert was generated properly (even though its not properly signed).

One comment on “Let’s Encrypt Staging. Curl without the -k
  1. Wouldn’t it be nice if we could just use an https url in a –cacerturl parameter in curl that follows the systems installed root ca certificates and/or –capath option?

    Also why not just use:

    curl https://letsencrypt.org/certs/fakelerootx1.pem –output fakelerootx1.pem

    Instead of having an extra dependency on wget?
    I assume your curl ssl environment is already set up for the real CA for letsencrypt, or what would you actually be testing…

Leave a Reply

Your email address will not be published. Required fields are marked *

*