Fix “SSL3_GET_SERVER_CERTIFICATE:certificate verify failed” in Bash

I was recently running some checks on a site using the GET command (provided by the libwww-perl package in Ubuntu) in Bash and got the following message:

[chris@work ~]$ GET https://example.com/
Can't connect to example.com:443 (certificate verify failed)

LWP::Protocol::https::Socket: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51.
[chris@work ~]$ 

The problem is that while the site has an SSL certificate, it’s not valid for the site and fails verification. If I were in a browser, the browser would ask me if I wished to make an exception and connect anyway. The GET command will fail instead.

There is a way to fix that however. Setting the PERL_LWP_SSL_VERIFY_HOSTNAME environment variable to 0 bypasses the certificate verification and allows the request to continue. For example:

[chris@work ~]$ PERL_LWP_SSL_VERIFY_HOSTNAME=0 GET https://example.com/
<!doctype html>
<html>
<head>
    <title>Example Domain</title>

    <meta charset="utf-8" />
...

Did I help you?

• Send me a tip via Paypal.
• Help with this site's hosting with my Linode referral code.