CURL 基本指令

 ．查看詳細資訊

curl http://abc.com --verbose

* About to connect() to abc.com port 8080 (#0)
*   Trying 10.0.0.1...
* Connected to abc.com (10.0.0.1) port 8080 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt  <== 吃憑證的路徑
  CApath: none

．帶入憑證

curl --cacert RootCA.crt --cert ClientCA.pem:passwd http://abc.com

．不驗證憑證

curl -k

curl --insecure

．取得網站憑證資訊

echo QUIT | openssl s_client -connect abc.com:8080 -servername abc.com -showcerts

openssl s_client -connect abc.com:8080 -servername abc.com -showcerts </dev/null 2>/dev/null | sed -n '/^-----BEGIN CERT/,/^-----END CERT/p'

openssl s_client -connect abc.com:8080 -servername abc.com -showcerts </dev/null 2>/dev/null | awk '/^-----BEGIN CERT/,/^-----END CERT/'

openssl s_client -connect abc.com:8080 -servername abc.com -showcerts </dev/null 2>/dev/null | sed -n '/^-----BEGIN CERT/,/^-----END CERT/p' > example.crt

．變成設定檔方式

abc.conf
cacert = "RootCA.crt"
cert = "ClientCA.pem:mypasswd"
url = "https://mail.ichiayi.com/t.txt"

curl --conf testcurl.conf

參考:

https://blog.miniasp.com/post/2020/08/23/curl-and-self-signed-certificated-or-CA-certificate

https://www.ichiayi.com/wiki/tech/curl_ssl