x

How to resolve a cURL certificate 60 error - curl: (60) SSL certificate problem

  Andrew Fletcher     published: 22 September 2023         1 minute read

Post a NetSkope update, composer would fail when running any command that required accessing an external package.  Actually initially all external traffic was being blocked.  The error was similar to

curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: https://curl.se/docs/sslcerts.html

This error was also generated when running a basic command

curl https://www.google.com.au

Seems like the updated Netskope client Windows machine is blocking SSL traffic.  While Netskope client doesn't itself inspect SSL traffic but it breaks the SSL traffic going directly to destination by acting as a proxy and present its own certificate and sends traffic to Netskope proxy for ssl inspection.

 

How to resolve

To solve this you can get a Netskope CA certificate from your Windows machine from the following path:

C:\ProgramData\netskope\stagent\data

Copy nscacert.pem file to your certs directory.  For me the certs directory was located:

/etc/ssl/certs/

 

Related articles

Andrew Fletcher18 Mar 2024
Resolving CVE-2022-48624 less issue
To resolve the CVE-2022-48624 vulnerability on Ubuntu using Nginx, it's crucial to understand that the issue lies within the "less" package, not Nginx itself. The vulnerability affects "less" before version 606, where close_altfile in filename.c in less omits shell_quote calls for LESSCLOSE,...