Forum Discussion
Curl usage
Hi,
Thanks for quick response.
But, if we use "k" (-vk) then this means ignore to check the SSL Certificate status on pool member.
if we want to check whether application team is offloading any ssl certificate on backend server or not OR if they are offloading then is certificate valid or expired , how to ensure this using curl command.
- boneyardJun 24, 2024MVP
don't get the offloading part. do you mean if they have a certificate or not?
if they don't and you do a curl -vk https://ip it will fail.
if they do and you do a curl -vk https://ip it will contain the certificate date.
- eagertolearnJun 24, 2024Nimbostratus
Thanks for reply boneyard !
One more information, If pool member is not on https (443) then . For Example , pool member is on port 5442 and now we just wanted to check the port service status during troubleshooting.
What should be the curl command coordinates for this case
- svsJun 26, 2024Cirrostratus
Maybe you should play around a bit with the information you got. I would assume, that it is self-explanatory...
curl -vkI https://192.168.10.15:5442/status/health
Just add the port to the IP address or hostname. If you call the server via https:// but the server only speaks http:// (and vice versa), you usally receive 400 Bad request as response. That's not always the case. But you should always receive a certificate, when calling via https://. Otherwise curl will complain, that no certificate was received.
You are wrong about the argument regarding -k. This option just helps you to establish an SSL handshake, even if the server certificate is not trustworthy. You will receive the required information in each case. If you have to validate the trustworthiness of the remote certificate, you please checkout https://curl.se/docs/sslcerts.html. This should help to understand how it works. They also reference the openssl s_client tool, which helps for deeper investigations. curl is not made for this.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com