Amazon Linux on 高木のブログ https://takagi.blog/tags/amazon-linux/ Recent content in Amazon Linux on 高木のブログ Hugo -- gohugo.io ja-jp Sat, 12 Aug 2023 00:00:00 +0000 【Amazon Linux 2】「curl: (60) SSL certificate problem: certificate has expired」の対応 https://takagi.blog/amazon-linux-2-expired-certificate/ Sat, 12 Aug 2023 00:00:00 +0000 https://takagi.blog/amazon-linux-2-expired-certificate/ <h2 id="問題">問題 <a href="#%e5%95%8f%e9%a1%8c" class="anchor">🔗</a></h2><p>Amazon Linux 2 の EC2 インスタンスから curl ができなくなった</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>$ curl https://ifconfig.me </span></span><span style="display:flex;"><span>curl: <span style="color:#f92672">(</span>60<span style="color:#f92672">)</span> SSL certificate problem: certificate has expired </span></span><span style="display:flex;"><span>More details here: https://curl.haxx.se/docs/sslcerts.html </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span>curl failed to verify the legitimacy of the server and therefore could not </span></span><span style="display:flex;"><span>establish a secure connection to it. To learn more about this situation and </span></span><span style="display:flex;"><span>how to fix it, please visit the web page mentioned above. </span></span></code></pre></div><h2 id="解決方法">解決方法 <a href="#%e8%a7%a3%e6%b1%ba%e6%96%b9%e6%b3%95" class="anchor">🔗</a></h2><p>CA 証明書を更新してあげたら良い</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>$ sudo yum update ca-certificates </span></span></code></pre></div><h3 id="before">Before <a href="#before" class="anchor">🔗</a></h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>$ yum list installed | grep ca-certificates </span></span><span style="display:flex;"><span>ca-certificates.noarch 2020.2.41-70.0.amzn2.0.1 @amzn2-core </span></span></code></pre></div><h3 id="after">After <a href="#after" class="anchor">🔗</a></h3><div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>$ yum list installed | grep ca-certificates </span></span><span style="display:flex;"><span>ca-certificates.noarch 2021.2.50-72.amzn2.0.7 @amzn2-core </span></span></code></pre></div><h2 id="参考">参考 <a href="#%e5%8f%82%e8%80%83" class="anchor">🔗</a></h2><ul> <li><a href="https://repost.aws/ja/knowledge-center/ec2-expired-certificate" target="_blank">EC2 インスタンスにある期限切れの Let’s Encrypt 証明書を修正する | AWS re:Post</a> </li> <li><a href="https://qiita.com/wadakatu/items/80919711bb05d0142cd5" target="_blank">【AWS/EC2/Amazon Linux2】curl: (60) SSL certificate problem: certificate has expired - Qiita</a> </li> <li><a href="https://hikoniki.com/2023/05/14/%E3%80%90ec2%E3%80%91slack%E9%80%9A%E7%9F%A5%E9%80%A3%E6%90%BA%E3%81%A7-curl-%E3%82%A8%E3%83%A9%E3%83%BC%E3%81%AE%E5%AF%BE%E5%BF%9C%EF%BC%88lets-encript%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%81%AE%E6%9C%89/" target="_blank">【EC2】slack通知連携で curl エラーの対応(Lets Encript証明書の有効期限切れ) | ひこにっき 〜フリーランス生活〜</a> </li> </ul>