Using Curl -k Option

The curl -k (or --insecure) command line option ignores invalid and self-signed certificate errors. This setting allows Curl to make an "insecure" SSL connection and skip SSL certificate checks while you still have an SSL-encrypted connection. This may be useful for development purposes. Making an HTTPS request to a resource with an invalid or expired SSL certificate without the -k or --insecure option will result in curl: "(60) SSL certificate: invalid certificate chain: error message". In this Curl -k example, we request a URL with an expired SSL certificate and still get a response. Click Run to execute the Curl -k example online and see the result.
Using Curl -k Option Run
curl -k
Updated: Viewed: 6434 times

What is Curl?

Curl is a command line utility for transferring data to or from a remote server using one of the supported protocols. Curl is widely used for testing APIs, sending requests to the server, and viewing the content and headers of the server's response. Curl supports over 25+ protocols, including HTTP, HTTPS, FTP, FTPS, and SFTP, and has built-in support for SSL certificates, web form submission, file upload, HTTP Cookies, user authentication, and more.

What is an SSL Certificate?

Secure Sockets Layer (SSL) is a network protocol for establishing safe, authenticated, and encrypted connections between two devices. An SSL certificate is a digital certificate that identifies a website and encrypts the information sent to/from the server using SSL. SSL protects user privacy when sending data over the Internet by encrypting all traffic between the user's computer and the web server, making it impossible for the data to be intercepted or read. An SSL certificate allows secure communication over the HTTPS protocol when installed on the server.

Examples of using the Curl -k flag

The following are examples with the -k command line option:

Sending a Curl request without the -k flag to a page with an expired certificate

Curl automatically checks the validity of the SSL certificate. Without the -k flag, if the certificate is invalid or cannot be verified, it will throw an error.

Curl Without -k Example

You will receive an invalid SSL certificate error message:

Curl SSL Error Message Example
curl: (60) SSL certificate problem: unable to get local issuer certificate

Sending a Curl request without SSL certificate verification

The following is an example of sending a request without validating the SSL certificate:

Curl Ignore Certificate Checks Example
curl -k

Curl file download without SSL certificate verification

The following is an example of downloading a file without SSL verification in Curl:

Curl File Download Without SSL Validation Example
curl -k -o page.html

See also

Generate Code Snippets for Curl -k Flag Example

Convert your Curl -k Flag request to the PHP, JavaScript/AJAX, Node.js, Curl/Bash, Python, Java, C#/.NET code snippets using the ReqBin code generator.