in Challenge, Interesting, Security

curl: (77) Problem with the SSL CA cert (path? access rights?). Resolved.

Curling an SSL website can fail on certain servers. The error string is:

curl: (77) Problem with the SSL CA cert (path? access rights?)

The error is due to corrupt or missing SSL chain certificate files in the PKI directory. You’ll need to make sure the files /etc/pki/tls/certs/ca-bundle.crt and /etc/pki/tls/certs/ca-bundle.trust.crt (on CentOS) exist on your server. If they do not exist, get your server management provider to complete the following steps:

  1. mkdir /usr/src/ca-certificates && cd /usr/src/ca-certificates
  2. wget http://mirror.centos.org/centos/6/os/i386/Packages/ca-certificates-2010.63-3.el6_1.5.noarch.rpm
  3. rpm2cpio ca-certificates-2010.63-3.el6_1.5.noarch.rpm | cpio -idmv
  4. cp -pi ./etc/pki/tls/certs/ca-bundle.* /etc/pki/tls/certs/
  5. Confirm that curl -vvv https://www.unixy.net is now working as expected

Hope this is helpful.