If you're able to visit a website and it successfully validates but you're not able to curl
the website (i.e. you get certificate validation errors) then it is likely because your root certificate, or intermediate certificate, or both are not trusted in your system. Ubuntu provides an easy process for updating the root certificate stores using the update-ca-certificates
command and the /etc/ca-certificates.conf
for configuration.
Certificates should be installed under /usr/share/ca-certificates
. You should create a directory for your org to place all certs and intermediates.
mkdir /usr/share/ca-certificates/my.org/