Skip to main content
Quick Tip

Ignore SSL Certificate Error with cURL

Getting an expired certificate error while downloading files with curl? Here's how to ignore it.

Sagar Sharma

So you were trying to get an HTML response from a website using cURL and you got an SSL certificate error:

sagar@LHB:~$ curl https://expired.badssl.com
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

It is because the cURL by default will ensure connections using an SSL certificate and will throw an error if the website you specified is having misconfigured or expired certificate.

And this is going to be a quick tutorial on how you can ignore an SSL certificate error using cURL.

How to ignore an SSL certificate error with cURL

While ignoring the error and still wishing for connecting to the faulty site is not recommended but if you trust the website, here you have it!

You can use the --insecure option while using curl and it will ignore the broken SSL certificate:

curl --insecure https://expired.badssl.com
sagar@LHB:~$ curl --insecure https://expired.badssl.com
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="shortcut icon" href="/icons/favicon-red.ico"/>
  <link rel="apple-touch-icon" href="/icons/icon-red.png"/>
  <title>expired.badssl.com</title>
  <link rel="stylesheet" href="/style.css">
  <style>body { background: red; }</style>
</head>
<body>
<div id="content">
  <h1 style="font-size: 12vw;">
    expired.<br>badssl.com
  </h1>
</div>

</body>
</html>

Similarly, you can also use -k option to have the same effect being the short form of --insecure option:

curl -k https://expired.badssl.com
sagar@LHB:~$ curl -k https://expired.badssl.com
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="shortcut icon" href="/icons/favicon-red.ico"/>
  <link rel="apple-touch-icon" href="/icons/icon-red.png"/>
  <title>expired.badssl.com</title>
  <link rel="stylesheet" href="/style.css">
  <style>body { background: red; }</style>
</head>
<body>
<div id="content">
  <h1 style="font-size: 12vw;">
    expired.<br>badssl.com
  </h1>
</div>

</body>
</html>

Apply the --insecure option to every SSL connection  

⚠️
This is not suggested unless you are performing this under isolation or a testing environment.

You can append insecure to the curl-config file using the given command:

echo "insecure" >> ~/.curlrc

And now, you can get HTML response with curl without using the --insecure option:

sagar@LHB:~$ curl https://expired.badssl.com
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="shortcut icon" href="/icons/favicon-red.ico"/>
  <link rel="apple-touch-icon" href="/icons/icon-red.png"/>
  <title>expired.badssl.com</title>
  <link rel="stylesheet" href="/style.css">
  <style>body { background: red; }</style>
</head>
<body>
<div id="content">
  <h1 style="font-size: 12vw;">
    expired.<br>badssl.com
  </h1>
</div>

</body>
</html>

Wrapping Up

This was my take on how you can ignore an SSL certificate while using curl. I hope this solves the issue.

And if not, make sure to leave a comment and I will try my best to come up with a solution.