Curl gives SSL cert problem

Not sure how to solve this, is it that I cannot use a self signed certificate?
Thanks for any assistance.

Using Curl for windows
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here

  • Trying…
  • Connected to ( port 443
  • ALPN: curl offers h2,http/1.1
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • CAfile: F:\Projects\Indy10\curl-8.4.0_3-win64-mingw\bin\curl-ca-bundle.crt
  • CApath: none
  • TLSv1.3 (IN), TLS handshake, Server hello (2):
  • TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
  • TLSv1.3 (IN), TLS handshake, Certificate (11):
  • TLSv1.3 (OUT), TLS alert, unknown CA (560):
  • SSL certificate problem: unable to get local issuer certificate
  • Closing connection
    curl: (60) SSL certificate problem: unable to get local issuer certificate
    More details here: curl - SSL CA Certificates

This is my full cmdline (wrapped for readability), XX… YY… being my full keys of course

curl -H “Content-Type: application/json”
-d “{“symbol”:“AAPL”,“qty”:“1”,“side”:“buy”,“type”:“market”,“time_in_force”:“gtc”}”

Added a -k to the command to make curl ignore invalid results about the site
(alpaca paper trading site) .
Then, I had to escape the double slashes at the command line from " to \"
This is my entire command, PS: I wrapped it for clarity…

curl -k
-H “Content-Type: application/json”
-H “APCA-API-KEY-ID: PK**********************”
-H “APCA-API-SECRET-KEY: wB*********************************************”
-d “{"symbol":"AAPL","qty":"1","side":"buy","type":"market","time_in_force":"gtc"}”

So I am not using your usual Visual studio or python dev, and while I do C++, I don’t do it in Linux. I am using C++ Builder for windows, I am happy the order ‘filled’ so quickly with curl, I guess the stories about TLS1.3 speed is true.
I use C++ Builder, and now I can wrap this in a process launcher with I/O redirection - code I wrote years ago to do the fill and get the results.

@colinm Thank you for posting this excellent description of considerations when submitting API calls in curl. Very helpful.

1 Like

Thanks, LOL, totally forgot to escape my backslash for the web, so this is what it will look like.
(had to add \\ to get a single \ to appear)
curl -k
-H “Content-Type: application/json”
-H “APCA-API-KEY-ID: PK**********************”
-H “APCA-API-SECRET-KEY: wB*********************************************”
-d “{\“symbol\”:\“AAPL\”,\“qty\”:\“1\”,\“side\”:\“buy”,\“type\”:\“market\”,\“time_in_force\”:\“gtc\”}””

Now remember this escapement is really because of the command-line in Windows.
In that a dbl quote is how windows sees a way to group parameters with spaces
so hi mom will be seen as 2 parameters but “hi mom” will be seen as one.

Seeing the JSON query has a dbl quote as part of the parameter and not a separator
you’ll then need to escape it.

I will be wrapping this is an I/O engine in a C++ windows app, so I will let you know how that goes.