我得到以下错误使用卷曲:

curl: (77) error setting certificate verify locations:
  CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none

如何设置证书验证位置?


当前回答

从$ man curl:

--cert-type <type>
    (SSL) Tells curl what certificate type the provided  certificate
    is in. PEM, DER and ENG are recognized types.  If not specified,
    PEM is assumed.

    If this option is used several times, the last one will be used.

--cacert <CA certificate>
    (SSL) Tells curl to use the specified certificate file to verify
    the peer. The file may contain  multiple  CA  certificates.  The
    certificate(s)  must be in PEM format. Normally curl is built to
    use a default file for this, so this option is typically used to
    alter that default file.

其他回答

@roens是正确的。这将影响所有Anaconda用户,错误如下 Curl:(77)错误设置证书验证位置: CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath:没有

解决方法是使用默认的系统curl并避免混淆预先设置的Anaconda PATH变量。你可以

重命名Anaconda curl二进制:) Mv /path/to/anaconda/bin/curl /path/to/anaconda/bin/curl_anaconda . Mv /path/to/anaconda/bin/curl_anaconda . Mv 或去除蟒蛇卷曲 Conda去除卷曲

$ which curl /usr/bin/curl

[0] Anaconda Ubuntu curl Github issue https://github.com/conda/conda-recipes/issues/352

似乎您的卷曲指向一个不存在的文件与CA证书或类似。

有关CA certs与curl的主要参考,请参见:https://curl.haxx.se/docs/sslcerts.html

我在Ubuntu 20.04 localhost上试图访问运行在docker容器中的elasticsearch时遇到了这个curl 77问题。集装箱启动后:

Check curl without ssl: curl --cacert http_ca.crt -u elastic https://localhost:9200 -k lowercase -k for insecure connection. Check curl configs: curl-config --configure, noticed what is ca-bundle: --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt. Copy http_ca.crt file from container to:/usr/local/share/ca-certificates/, original command is here. Run update on ca-certificates: sudo update-ca-certificates. Run curl: curl -u elastic:<password> https://localhost:9201. Finally got response with "tagline" : "You Know, for Search".

将<password>修改为运行Docker Image时生成的密码。 还要注意,在我的机器上,弹性是在端口9201上启动的(不知道为什么:sudo ss -tlpn | grep 9200给我什么都没有),我已经找到了端口:sudo netstat -ntlp和程序名称是docker-proxy。

只要找到适合我的解决方案。

echo’cacert = / etc / ssl / certs / ca-certificates。欧洲委员会

我从这里找到了解

从$ man curl:

--cert-type <type>
    (SSL) Tells curl what certificate type the provided  certificate
    is in. PEM, DER and ENG are recognized types.  If not specified,
    PEM is assumed.

    If this option is used several times, the last one will be used.

--cacert <CA certificate>
    (SSL) Tells curl to use the specified certificate file to verify
    the peer. The file may contain  multiple  CA  certificates.  The
    certificate(s)  must be in PEM format. Normally curl is built to
    use a default file for this, so this option is typically used to
    alter that default file.