我必须使用使用自签名证书(来自 Ubuntu)的服务。我已将公司的 CA 添加到受信任列表 (Ubuntu)。之后“链中自签名证书”错误消失了,但现在我收到“CA证书太弱”错误。例如
curl -vvv https://someservicehost.net
* Trying 93.184.216.34:443...
* TCP_NODELAY set
* Connected to someservicehost.net (93.184.216.34) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, bad certificate (554):
* SSL certificate problem: CA certificate key too …