Does curl have a –no-check-certificate Option like wget?

curl is a powerful command line utility mainly used for transferring data. Its competitor is the wget command which has a –no-check-certificate option. This option ignores the errors related to the certificate, but curl also has some options that perform the same functionality.

This guide explains the equivalent of –no-check-certificate option of wget to the curl command and discusses the following aspects:

  • What is SSL Certificate, and Why is it Important?
  • Ignore SSL Certificate Errors Using the curl Command
    • Method 1: Ignore the SSL Certificate of a Specific Website Using the “-k” Option
    • Method 2: Ignore the SSL Certificate of a Specific Website Using the “–insecure” Option
  • Why Should you not Ignore SSL Certificate Errors?

What is SSL Certificate, and Why is it Important?

The “Secure Socket Layer” or “SSL” certificate ensures that the connection between a client and server is secure during data transfer. It establishes an encrypted connection, and the shared data is safe.

However, while surfing the internet, you may have encountered the following “Potential Risk Ahead” Warning: 

This warning comes up when something is wrong with the SSL certificate of the website you are trying to access. More specifically, the mentioned warning indicates that the website’s certificate is expired.

How to Ignore the SSL Certificate Errors Using the curl Command?

The feature-rich curl command of Linux can also ignore SSL certificate errors. Here’s how the errors may look:

$ curl https://expired.badssl.com

The above image confirms that the SSL certificate of the URL “https://expired.badssl.com” has expired. 

Now, check out the two curl command options equivalent to the –no-check-certificate option of wget.

Method 1: Ignore the SSL Certificate of a Specific Website Using the “-k” Option

To ignore the SSL certificate of a website, use the curl command with the “-k” option as follows:

$ curl -k https://expired.badssl.com

The added -k option disables the certificate checks and permit curl to work with insecure connections:

As seen in the above image, the curl command when used with -k option has ignored the SSL certificate errors.

Method 2: Ignore the SSL Certificate of a Specific Website Using the “–insecure” Option

Similarly, use the curl command with the “–insecure option to ignore the warnings related to the invalid or insecure SSL connection:

$ curl --insecure https://expired.badssl.com

As seen in the above image, the curl command when used with –insecure option has ignored the SSL certificate errors.

Why Should you not Ignore the Errors on SSL Certificate?

SSL certificate is meant for security. Without it, your information can be exposed to illegal access. The hackers can attack, observe, and steal encrypted traffic from the website. So use it only when the potential risks are understood. However, a website with a valid SSL certificate will bring more traffic, as a website with an invalid/expired SSL certificate will be ranked at the bottom.

Conclusion

Yes, the curl command does have two equivalents for the –no-check-certificate options of wget. These options include “-k” and “–insecure”, which ignore the SSL certificate errors and allow curl to work with the insecure connections. 

This guide answered if the curl command has a –no-check-certificate option like wget and explained the importance of SSL certificates.