36

I am trying to do a curl request using a client certificate like so:

curl -E my.pem https://some.site

And I get the following error message:

curl: (35) error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
  • What does this mean?
  • Is this complaint coming from the server to which I am connecting, or my curl client?
  • (How do I determine) what is the ca in this context?
  • How do I make it such that the ca is known?
MadHatter
  • 81,580
grasevski
  • 471
  • 1
  • 4
  • 5

1 Answers1

43

If the server sends you a TLS alert unknown ca like in this case then the server does not accept the client certificate you have send (-E my.pem). One reason for this might be that you have used the wrong certificate. Another reason might be that you've used the correct certificate but failed to add the necessary chain certificates.

Steffen Ullrich
  • 14,265