Hi Fellers
If I run curl -I command as user, this error shown:
$ curl -I https://dongip.ir
curl: (77) error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.cr
CApath: /etc/ssl/certs/
But I can ran as sudo without problem!!
Can help me to solve this issue?
navid_a:
Hi Fellers
If I run curl -I command as user, this error shown:
$ curl -I https://dongip.ir
curl: (77) error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.cr
CApath: /etc/ssl/certs/
But I can ran as sudo without problem!!
Can help me to solve this issue?
Hi
I moved this post to applications, can you advise the openSUSE release your using and the version of curl.
zypper se -si curl
$ uname -a
Linux office-pc 5.3.18-lp152.57-preempt #1 SMP PREEMPT Fri Dec 4 07:27:58 UTC 2020 (7be5551) x86_64 x86_64 x86_64 GNU/Linux
[FONT=monospace]
$ zse -si curl
[FONT=monospace]S | Name | Type | Version | Arch | Repository
---+----------------+---------+---------------------+--------+-----------------------
i | curl | package | 7.66.0-lp152.3.12.1 | x86_64 | Main Update Repository
i+ | libcurl-devel | package | 7.66.0-lp152.3.12.1 | x86_64 | Main Update Repository
i | libcurl4 | package | 7.66.0-lp152.3.12.1 | x86_64 | Main Update Repository
i | python3-pycurl | package | 7.43.0.2-lp152.2.9 | x86_64 | Main Repository
[/FONT][/FONT]
openSUSE Leap 15.2
**➜ ****~** zse -si curl
Loading repository data...
Reading installed packages...
S | Name | Type | Version | Arch | Repository
---+----------------+---------+---------------------+--------+-----------------------
i+ | curl | package | 7.66.0-lp152.3.12.1 | x86_64 | Main Update Repository
i+ | libcurl-devel | package | 7.66.0-lp152.3.12.1 | x86_64 | Main Update Repository
i+ | libcurl4 | package | 7.66.0-lp152.3.12.1 | x86_64 | Main Update Repository
i | python3-pycurl | package | 7.43.0.2-lp152.2.9 | x86_64 | Main Repository
**➜ ****~** uname -a
Linux 5.3.18-lp152.57-default x86_64 GNU/Linux
Hi
So if you create a test user and login as that test user does your command work?
Here, I see;
os152:~> curl -I https://dongip.ir
HTTP/2 301
content-type: text/html
date: Thu, 07 Jan 2021 15:46:25 GMT
location: https://www.dongip.ir/
server: ArvanCloud
x-xss-protection: 1; mode=block
ar-poweredby: Arvan Cloud (arvancloud.com)
ar-atime: 0.001
ar-request-id: 4f2e62c063995b890f057aa1784d8534
ar-sid: 5570
Yes, test user can run command.
[FONT=monospace]test@localhost:/home> curl -I https://dongip.ir
HTTP/2 301
**content-type**: text/html
**date**: Thu, 07 Jan 2021 18:13:20 GMT
**location**: https://www.dongip.ir/
**server**: ArvanCloud
**x-xss-protection**: 1; mode=block
**ar-poweredby**: Arvan Cloud (arvancloud.com)
**ar-atime**: 0.000
**ar-request-id**: d93c2727b24a4a896474480683856e3d
**ar-sid**: 2043
[/FONT]
navid_a:
Yes, test user can run command.
[FONT=monospace]test@localhost:/home> curl -I https://dongip.ir
HTTP/2 301
**content-type**: text/html
**date**: Thu, 07 Jan 2021 18:13:20 GMT
**location**: https://www.dongip.ir/
**server**: ArvanCloud
**x-xss-protection**: 1; mode=block
**ar-poweredby**: Arvan Cloud (arvancloud.com)
**ar-atime**: 0.000
**ar-request-id**: d93c2727b24a4a896474480683856e3d
**ar-sid**: 2043
[/FONT]
Hi
So as you can’t run as your normal user, add some verbosity to the output from your test user, then as normal user run the same command and compare…
curl -v -I https://dongip.ir
Normal user:
**➜ ****~** curl -v -I https://dongip.ir
* Trying 185.143.234.5:443...
* TCP_NODELAY set
* Connected to dongip.ir (185.143.234.5) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.cr
CApath: /etc/ssl/certs/
* Closing connection 0
curl: (77) error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.cr
CApath: /etc/ssl/certs/
test user:
test@localhost:/home> curl -v -I https://dongip.ir
* Trying 185.143.234.5:443...
* TCP_NODELAY set
* Connected to dongip.ir (185.143.234.5) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
.
.
.
You need to find where this comes from (path is wrong, it should have been /etc/ssl/certs/ca-certificates.crt . Do you have ~/.curlrc file and what is its content? What is output of “env | grep CURL”?
That’s the problem root.
I removed the .curlrc file, the problem is solved.
Hi
A result of not using su -
but su and running commands in your user $HOME I suspect…