Check trusted Root CAs
- Tamás Utasi
- Andy Clowe
Owned by Tamás Utasi
Following instruction on this page you can test if your client can trust certificate presented by our servers.
On the host that runs your service run the next command:
curl -o /dev/null -s -vvv https://my.patientsknowbest.comExpected success output
* Trying 35.246.122.93:443...
* Connected to my.patientsknowbest.com (35.246.122.93:443) port 443 (#0)
...
* Connection #0 to host my.patientsknowbest.com left intactConnection #0 to host my.patientsknowbest.com left intact indicates that the OS trusts the root CA we used to issue our server certificate.
TIP: Version of your integration engine running on the given host might not trust the root CA we picked.
Expected failure output
* Trying 2606:4700:10::6816:1cac:443...
* Connected to my.patientsknowbest.com (35.246.122.93:443) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.