When running this command in WSL Ubuntu:
sudo curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
I get the following error:
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
gpg: no valid OpenPGP data found.
I have "Ubuntu" installed, not the specific versions from the Microsoft Store.
Here is the verbose output:
sudo curl -v https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 40.76.35.62...
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
gpg: no valid OpenPGP data found.
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
@seanwhitepc -- thank you for your feedback. You may find answers here:
I am closing this issue now. You are welcome to @ mention me for any followup.
We hope to hear from you again.
@WilliamAntonRohm : please specify what is the fix here? I too have the same issue.
@seanwhitepc : Were you able to find a fix?
For the next person who comes across this, this issue in my system was due to a firewall setting disabling internal communication in private network. After I fixed that, the error was gone.
@WilliamAntonRohm i have the same issue. On host machine curl work fine.
Here's a workaround for a similar issue. I am still (as of Nov 2020) experiencing this kind of issue with WSL and curl.
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
````
It seems as though curl can't handle the newlines (`\n`) in the cert bundle file, so I've duplicated the necessary Root CA certs at the bottom of that certificates file and simply removed the newlines, so that everything between
--- BEGIN CERTIFICATE ---
--- END CERTIFICATE ---
```
is a single line. Hope this helps others in the future.
@posters -- thank you for your followup and solutions.
@VanMSFT -- please look into this potential documentation issue.
This is not a documentation issue, and not specific to SQL Server on Linux. The issue is specific to the client sending the request. Please see https://stackoverflow.com/questions/24611640/curl-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate
@VanMSFT -- thank you for clarifying.
Try setting env CURL_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt .
Work for me.
Most helpful comment
Try setting env
CURL_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt.Work for me.