Let’s Encrypt Staging. Curl without the -k

Are you lazy and use '-k' to curl all the time when using Let's Encrypt staging? Or worse, use snake-oil? Or even worse, use just http for 'test'?

curl -sSL https://letsencrypt.org/certs/fakelerootx1.pem > fakelerootx1.pem
curl --cacert fakelerootx1.pem https://my-site-issued-with-le-staging

There, how hard was that? Now you can test that the cert was generated properly (even though its not properly signed).

1 Comment on “Let’s Encrypt Staging. Curl without the -k

  1. Wouldn’t it be nice if we could just use an https url in a –cacerturl parameter in curl that follows the systems installed root ca certificates and/or –capath option?

    Also why not just use:

    curl https://letsencrypt.org/certs/fakelerootx1.pem –output fakelerootx1.pem

    Instead of having an extra dependency on wget?
    I assume your curl ssl environment is already set up for the real CA for letsencrypt, or what would you actually be testing…

Leave a Reply

Your email address will not be published. Required fields are marked *

*