php - 旧的 php 容器说: curl:(60)SSL 证书问题:证书已过期
问题描述
自 1 或 2 天以来,我的旧 php 容器(dockerhub php:5.4-apache)不能再使用 curl。这是在此容器内运行 curl 时的日志。
$> docker run --rm -ti php:5.6-apache bash
$> curl -X POST https://xxxxx.com
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
同样的调用适用于现代(更新的)操作系统。
解决方案
原因是操作系统的证书已过时
要更新它们,您需要执行以下操作
curl -k https://curl.se/ca/cacert.pem > cacert.pem
# works : curl --cacert cacert.pem -X POST https://xxxxx.com
apt-get install ca-certificates
openssl x509 -outform der -in cacert.pem -out cacert.crt
cp cacert.crt /usr/local/share/ca-certificates/
update-ca-certificates
其他选项:
sed -i 's/mozilla\/DST_Root_CA_X3.crt/!mozilla\/DST_Root_CA_X3.crt/g' /etc/ca-certificates.conf
update-ca-certificates
最佳选择(恕我直言):
apt-get update
apt-get upgrade -y
推荐阅读
- mysql - After update to MySQL 8 a reliable stored procedure gives errors after applying change
- android - Android Kotlin Volley upload image and post other values at the same time?
- ios - 'GoogleUtilities/GULAppDelegateSwizzler.h' file not found
- arrays - I need to compare two arrays/state and get the data from the first array/state that doesn't match with the data on the second array - Reactjs
- javascript - Getting an InterfaceError for SQLAlchemy when typing messages in Flask-SocketIO
- sql - Finding, grouping and deleting the duplicate records in MS SQL and keeping the oldest
- post - Google App 脚本错误 404:未定义响应
- java - String text to byte array Java - RSA
- python - Faster way to do conditional slicing on a Pandas dataframe containing a column of array
- node.js - Eslint not ignoring node_modules folder