Bug 1310503 - Update section about curl and CA store
Update section about curl and CA store
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Docs API Guide (Show other bugs)
Unspecified Unspecified
unspecified Severity low (vote)
: Beta
: 6.2
Assigned To: David O'Brien
Russell Dickenson
Depends On:
  Show dependency treegraph
Reported: 2016-02-21 23:04 EST by David O'Brien
Modified: 2016-09-28 21:25 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-04-27 20:10:48 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description David O'Brien 2016-02-21 23:04:57 EST
Description of problem:

Taken from BZ 1275128

(In reply to David O'Brien from comment #19)
> Section 2.1 Using SSL Authentication
> Use   the following command to permanently include the certificate in the
> curl CA store: 
> # certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "Red Hat   Satellite" -i
> /path/to/ca-cert-file 
> Shouldn't that read something like "to include the certificate in the CA
> store that curl can access"? Does curl have a CA store?

Yes, you're correct. That is not a CA-store owned by curl, but rather it is one that curl can access to verify hosts that lives in your $HOME. I tried this myself just to double-check that I could then curl without needing the -k option afterwards.

# create a new DB if you don't already have one
$ certutil -N -d sql:$HOME/.pki/nssdb

$ certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "Red Hat Satellite" -i /path/to/ca-cert

$ curl -X GET -u admin:changeme https://satellite6.example.com/api/v2/hosts
  "total": 2,
  "results": [


Additional info:

Document URL: 

Section Number and Name: 

Describe the issue: 

Suggestions for improvement: 

Additional information:
Comment 2 Andrew Dahms 2016-04-27 20:10:48 EDT
This content is now live on the Customer Portal.


Note You need to log in before you can comment on or make changes to this bug.