- Data Structure
- Networking
- RDBMS
- Operating System
- Java
- MS Excel
- iOS
- HTML
- CSS
- Android
- Python
- C Programming
- C++
- C#
- MongoDB
- MySQL
- Javascript
- PHP
- Physics
- Chemistry
- Biology
- Mathematics
- English
- Economics
- Psychology
- Social Studies
- Fashion Studies
- Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Https connection using curl on Linux
Overview
curl is a command line tool that supports many different types of websites including https sites. It can be used to connect to any website, but it's most commonly used for connecting to web servers and retrieving data from them. In this tutorial we will learn how to use curl to make an HTTPS connection to a website. We will also see how to retrieve the contents of a file using curl.
We’ll look at using curl to call an HTTP endpoint via HTTPS.
What is Curl?
Curl is a command line tool that allows users to transfer data from or to a server using various protocols, including HTTP, HTTPS, FTP, and more. It supports many different types of websites and can be used to connect to any website. Curl is commonly used for connecting to web servers and retrieving data from them.
The main features of curl are −
Downloading files from FTP or HTTP servers
Uploading files to FTP or HTTP servers
Fetching pages (GET)
Uploading pages (POST)
Making POST requests with user authentication
Sending cookies
Logging in to remote machines
Retrieving form information
Checking out help documentation
Getting Started With Curl
To get started with curl you need to install it first.
Trusted CA Signed SSL Certificates
When making an HTTPS connection, it is important to ensure that the server you are connecting to is trusted. This can be done by verifying the server's SSL certificate. The certificate must be signed by a trusted Certificate Authority (CA). If the certificate is not signed by a trusted CA, then your connection will not be secure and any data sent over the connection could be intercepted.
The simplest syntax to use with curl is curl <URL>. Let’s make a request using curl for calling an HTTPS endpoint −
curl https://www.tutorialspoint.com
If curl makes a GET request and receives the page source without an issue, the server is likely using a Trusted CA Signed SSL certificate, which means it has been verified by a reliable authority.
Self-Signed Certificates
If a web service uses a SSL/TLS connection but doesn't use a valid SSL/TLS cert, then we may see an error message similar to "SSL handshake failed." This usually indicates that the web service isn't configured properly for HTTPS connections.
If we're using TLS for our local Spring Boot application, let's say we're configuring it with SSL.
You could use curl to ignore the SSL/TLS certificate check by adding the -k or --insecure option.
curl -k https://localhost:8443/tpoint
However, if you ignore HTTPS errors, then you could be making yourself vulnerable to attacks. An alternative would be to get the certificate for the site we're trying to access.
Getting Server Certificate
One-way SSL validation verifies the receiving server certificate against our own local copy. As a result, we need to save the server certificate locally on our system.
To get a list of server certificates from an SSL connection, we'll run the openssl command with the showcerts argument.
openssl s_client -showcerts -connect <Domain Name or IP Address>:<Port>
The -showcert option displays the entire SSL/TLS certification chain. You can save the certificates into an output file so that you can use them later.
openssl s_client -showcerts -connect https://localhost:8443/tpoint </dev/null | sed -n -e '/-.BEGIN/,/-.END/ p' > tpoint.pem
Invoking an HTTPS Endpoint
To access the HTTPS endpoint, we'll first need to save the BAEldung.pem file from our local web site using the OpenSSL command line tool or key store file.
We’ll then add the -cacert option to our curl command.
curl --cacert baeldung.pem https://localhost:8443/tpoint
Conclusion
We explained how to use the curl command line utility to invoke an HTTP/HTTPS endpoint.
We also discussed how to use the OpenSSL command line tool to get server certificates and save them into a file. Finally, we showed how to use the -cacert option with curl to access an HTTPS endpoint.
Using curl is a great way to quickly test web services and APIs. It’s easy to use, fast, and can be used for both HTTP and HTTPS connections.