cloudfoundry / cf-uaac

Apache License 2.0

CA cert is not used by `uaac curl` #128

Closed bgoerzig closed 10 months ago

bgoerzig commented 10 months ago

The `uaac curl` subcommand doesn't use the CA certificate specified by `uaac target --ca-cert /path/to/ca.crt`:

```console
$ uaac version
UAA client 4.17.0

$ uaac target <uaa-server-url> --ca-cert ca.crt

Target: <uaa-server-url>
Context: ...

$ uaac groups
...
$ echo $?
0
$ uaac curl '/Groups'
GET <uaa-server-url>/Groups

uaac error
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 peeraddr=<uaa-server-ip>:443 state=error: certificate verify failed (self-signed certificate in certificate chain)

$ echo $?
1
```

cf-gitbot commented 10 months ago

We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.

The labels on this github issue will be updated when the story is started.

strehle commented 10 months ago

Ok, yes, so it seems that is simply missing in the curl case.

- curl: https://github.com/cloudfoundry/cf-uaac/blob/main/lib/uaa/cli/curl.rb#L66-L67
- http via cf-uaa-lib: https://github.com/cloudfoundry/cf-uaa-lib/blob/master/lib/uaa/http.rb#L199-L201
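
The failure mode reported in this issue, reproduced offline as an added example (not code from cf-uaac or cf-uaa-lib): the same server chain is verified once against a trust store that never received the private CA and once against a store that did. The CA, the server certificate, their names and the `make_cert` / `verify_with` helpers are constructed for illustration.

```ruby
require "openssl"

# Build a certificate from constructed test data; without an issuer it is self-signed.
def make_cert(subject, key, issuer: nil, issuer_key: nil, ca: false, serial: 1)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse(subject)
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new
  cert.add_extension(ef.create_extension("basicConstraints", ca ? "CA:TRUE" : "CA:FALSE", true))
  cert.add_extension(ef.create_extension("keyUsage", "keyCertSign,cRLSign", true)) if ca
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
end

# Hypothetical helper: verify the server's leaf plus the chain it sent.
# ca_pem = nil models a request path that never loads the configured CA file.
def verify_with(ca_pem, leaf, sent_chain)
  store = OpenSSL::X509::Store.new # empty: no system roots, no private CA
  store.add_cert(OpenSSL::X509::Certificate.new(ca_pem)) if ca_pem
  ok = store.verify(leaf, sent_chain)
  { ok: ok, code: store.error, message: store.error_string }
end

# Constructed test PKI: a private root CA and a server certificate it issued.
CA_KEY = OpenSSL::PKey::RSA.new(2048)
CA_CERT = make_cert("/CN=Constructed Private CA", CA_KEY, ca: true)
LEAF_KEY = OpenSSL::PKey::RSA.new(2048)
LEAF = make_cert("/CN=uaa.example.test", LEAF_KEY, issuer: CA_CERT, issuer_key: CA_KEY, serial: 2)

WITHOUT_CA = verify_with(nil, LEAF, [CA_CERT])          # CA file ignored
WITH_CA = verify_with(CA_CERT.to_pem, LEAF, [CA_CERT])  # CA file applied

puts "without CA: #{WITHOUT_CA}"
puts "with CA:    #{WITH_CA}"
```

With Ruby's `Net::HTTP`, the equivalent step is setting `ca_file` or `cert_store` on the connection before the request is made; every code path that opens a TLS connection needs it, not only the main API client.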