SSL error when accesing the API through curl or requests

[gauteh]

Hi,

when trying to access the API, e.g.: curl https://adios.orr.noaa.gov/oils/ I get an SSL error. This seems to work in browsers like firefox + chrome. Does this work for you? I get the same error using python's requests.

> curl https://adios.orr.noaa.gov/api/oils/?dir=asc
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

Regards, Gaute

[ChrisBarker-NOAA]

Thanks for the report.

Yes, I see the same issue here -- I have no idea why our certificate would work with the browsers, but not with raw curl (or requests).

Though I have seen a similar issue with other APIs.

As a work around, you can tell curl not to check the certificate:

curl --insecure https://adios.orr.noaa.gov/api/oils/NO00108 > NO00108.json

The is also a similar setting for the requests lib, though I don't recall what it is at the moment.

Meanwhile, I'll work with our IT folks to see if we can get it configured to work safely "out of the box".

[ChrisBarker-NOAA]

We've added the intermediate certificate ( I don't know what that means) -- and it seems to be working now. Let us know if if works for you.

NOTE: it was working with some versions of curl / OpenSSL before -- if you have the latest and greatest, it may work fine in any case.

Example, the curl from OS-X worked before the change:

$ curl --version
curl 7.54.0 (x86_64-apple-darwin18.0) libcurl/7.54.0 LibreSSL/2.6.5 zlib/1.2.11 nghttp2/1.24.1

[gauteh]

Thanks, I can now confirm that it works with both curl and python-requests without disabling SSL verification.