Showing results for 
Search instead for 
Did you mean: 

CURL error 60 - server certificate verification failed. CAfile: certificates/cert.pem CRLfile: none



I'm trying to make a dummy transaction through CURL using Sandbox account & the latest cacert.pem file as provided at this path -


The command I'm using is -


 sudo curl --cacert ./certificates/cacert.pem -d"x_login=<API_ID>&x_tran_key=<TRANSACTION_KEY>&x_delim_data=TRUE&x_url=FALSE&x_type=AUTH_CAPTURE&x_method=CC&x_relay_response=FALSE&x_card_num=4111111111111111&x_exp_date=05/2019&x_amount=100.00&x_address=&x_zip=&x_card_code=777" ""


I get this error -


curl: (60) server certificate verification failed. CAfile: ./certificates/cert.pem CRLfile: none
More details here:

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.



When I use the -k or --insecure option which skips the certificate validation, the transaction is approved as follows -


sudo curl --insecure --cacert ./certificates/cert.pem -d"x_login=<API_ID>&x_tran_key=<TRANSACTION_KEY>&x_delim_data=TRUE&x_url=FALSE&x_type=AUTH_CAPTURE&x_method=CC&x_relay_response=FALSE&x_card_num=4111111111111111&x_exp_date=05/2019&x_amount=100.00&x_address=&x_zip=&x_card_code=777" ""
1,1,1,This transaction has been approved.,4BSLRJ,Y,60115870054,,,100.00,CC,auth_capture,,,,,,,,,,,,,,,,,,,,,,,,,,560D4634C183897AFBA9AECCBB7D7A05,P,2,,,,,,,,,,,XXXX1111,Visa,,,,,,,,,,,,,,,,,FALSE,


Can anyone help me regarding this? Why the certification validation is failing here? Also, is this the right way to test it?


We want to integrate this certificate in our HPE MSM controller where we give the URL - and the API_ID & Transaction_Key. In the code for the software of HPE MSM controller, we're using CURL to reach the URL for certificate validation.