clean-glass-46254
12/18/2021, 12:31 AMcurl -v -s -X GET -H "Accept: application/json" https://***/self-service/login/browser
* Trying **.***.**.***...
* TCP_NODELAY set
* Connected to *** (**.***.**.***) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, certificate expired (557):
* SSL certificate problem: certificate has expired
* Closing connection 0
is it caching? or is there another step where I have to set a certificate some where else? is /etc/ssl/cert.pem in the docker container or is it on my local machine that's making the curl request? Also, I should mention that http works fine and as expected, it's only https with curl.proud-plumber-24205
12/20/2021, 7:02 PM--insecure
flag on the curl commandclean-glass-46254
12/21/2021, 5:25 AM$ curl -v -s -X -k --insecure GET -H "Accept: application/json" <https://***/self-service/login/browser>
* Could not resolve host: GET
* Closing connection 0
* Trying *...
* TCP_NODELAY set
* Connected to * (**.*.**.*) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=*
* start date: Dec 15 080943 2021 GMT
* expire date: Mar 15 080942 2022 GMT
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify result: certificate has expired (10), continuing anyway.
> -k /self-service/login/browser HTTP/1.1
> Host: *
> User-Agent: curl/7.64.1
> Accept: application/json
>
< HTTP/1.1 400 Bad Request
< Server: nginx/1.20.0
< Date: Tue, 21 Dec 2021 052127 GMT
< Content-Type: text/html
< Content-Length: 157
< Connection: close
<
<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.20.0</center>
</body>
</html>
* Closing connection 1
* TLSv1.2 (OUT), TLS alert, close notify (256):