curl fails in bash. How to deal with the certificates?

sahi1422 commented 4 years ago

I am getting the below error. I tried many solutions from here https://stackoverflow.com/questions/3160909/how-do-i-deal-with-certificates-using-curl-while-trying-to-access-an-https-url but it still fails.

bash-4.2# curl https://google.com
curl: (77) error setting certificate verify locations:
  CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none

Below is the output of :

docker inspect lambci/lambda:go1.x

[
    {
        "Id": "sha256:1fea70f7683f6f5621d000096471056696bd63f16a0b6448eee01fba905856db",
        "RepoTags": [
            "lambci/lambda:go1.x"
        ],
        "RepoDigests": [
            "lambci/lambda@sha256:451f186784bc5b9ed959424a4fa7634c24b0c34961b74f947f3ef4a656afe301"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2020-04-08T19:49:32.83868985Z",
        "Container": "2efd2d70fccb300d0361054f58c1b5e5e4db516ee1327fe6676e21579a755354",
        "ContainerConfig": {
            "Hostname": "2efd2d70fccb",
            "Domainname": "",
            "User": "sbx_user1051",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/bin:/usr/bin/:/bin:/opt/bin",
                "LD_LIBRARY_PATH=/lib64:/usr/lib64:/var/runtime:/var/runtime/lib:/var/task:/var/task/lib:/opt/lib",
                "LANG=en_US.UTF-8",
                "TZ=:UTC",
                "LAMBDA_TASK_ROOT=/var/task",
                "LAMBDA_RUNTIME_DIR=/var/runtime",
                "_LAMBDA_CONTROL_SOCKET=14",
                "_LAMBDA_SHARED_MEM_FD=11",
                "_LAMBDA_LOG_FD=9",
                "_LAMBDA_SB_ID=7",
                "_LAMBDA_CONSOLE_SOCKET=16",
                "_LAMBDA_RUNTIME_LOAD_TIME=1530232235231",
                "_AWS_XRAY_DAEMON_ADDRESS=169.254.79.2",
                "_AWS_XRAY_DAEMON_PORT=2000",
                "AWS_XRAY_DAEMON_ADDRESS=169.254.79.2:2000",
                "AWS_XRAY_CONTEXT_MISSING=LOG_ERROR",
                "_X_AMZN_TRACE_ID=Root=1-dc99d00f-c079a84d433534434534ef0d;Parent=91ed514f1e5c03b2;Sampled=1",
                "AWS_EXECUTION_ENV=AWS_Lambda_go1.x"
            ],
            "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "ENTRYPOINT [\"/var/runtime/aws-lambda-go\"]"
            ],
            "Image": "sha256:7eb05763a7f0dadc661c233467e0f47eb3f8771645f68610c6da0ed24628c16c",
            "Volumes": null,
            "WorkingDir": "/var/task",
            "Entrypoint": [
                "/var/runtime/aws-lambda-go"
            ],
            "OnBuild": null,
            "Labels": {}
        },
        "DockerVersion": "19.03.8",
        "Author": "",
        "Config": {
            "Hostname": "",
            "Domainname": "",
            "User": "sbx_user1051",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/bin:/usr/bin/:/bin:/opt/bin",
                "LD_LIBRARY_PATH=/lib64:/usr/lib64:/var/runtime:/var/runtime/lib:/var/task:/var/task/lib:/opt/lib",
                "LANG=en_US.UTF-8",
                "TZ=:UTC",
                "LAMBDA_TASK_ROOT=/var/task",
                "LAMBDA_RUNTIME_DIR=/var/runtime",
                "_LAMBDA_CONTROL_SOCKET=14",
                "_LAMBDA_SHARED_MEM_FD=11",
                "_LAMBDA_LOG_FD=9",
                "_LAMBDA_SB_ID=7",
                "_LAMBDA_CONSOLE_SOCKET=16",
                "_LAMBDA_RUNTIME_LOAD_TIME=1530232235231",
                "_AWS_XRAY_DAEMON_ADDRESS=169.254.79.2",
                "_AWS_XRAY_DAEMON_PORT=2000",
                "AWS_XRAY_DAEMON_ADDRESS=169.254.79.2:2000",
                "AWS_XRAY_CONTEXT_MISSING=LOG_ERROR",
                "_X_AMZN_TRACE_ID=Root=1-dc99d00f-c079a84d433534434534ef0d;Parent=91ed514f1e5c03b2;Sampled=1",
                "AWS_EXECUTION_ENV=AWS_Lambda_go1.x"
            ],
            "Cmd": null,
            "Image": "sha256:7eb05763a7f0dadc661c233467e0f47eb3f8771645f68610c6da0ed24628c16c",
            "Volumes": null,
            "WorkingDir": "/var/task",
            "Entrypoint": [
                "/var/runtime/aws-lambda-go"
            ],
            "OnBuild": null,
            "Labels": null
        },
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 719360401,
        "VirtualSize": 719360401,
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/snap/docker/common/var-lib-docker/overlay2/ab5dbc955a8b39dca3ccb41cfa410eb1b801c8abff6a46f69e8430deb72bda96/diff:/var/snap/docker/common/var-lib-docker/overlay2/730092a53f30a868f6bbb05148e03b17a445108487f1bfe342a584742c857dbf/diff:/var/snap/docker/common/var-lib-docker/overlay2/ea259b114a8a3859ae296dd05980dbaab529618e722a7b3af79da378dced83cd/diff",
                "MergedDir": "/var/snap/docker/common/var-lib-docker/overlay2/335ae88a0efd5d5aecb451473b1c9a5ede03aeed98c2c9cd546dfbc52c9392fd/merged",
                "UpperDir": "/var/snap/docker/common/var-lib-docker/overlay2/335ae88a0efd5d5aecb451473b1c9a5ede03aeed98c2c9cd546dfbc52c9392fd/diff",
                "WorkDir": "/var/snap/docker/common/var-lib-docker/overlay2/335ae88a0efd5d5aecb451473b1c9a5ede03aeed98c2c9cd546dfbc52c9392fd/work"
            },
            "Name": "overlay2"
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:6e22ce09b996a3bd048d9ac53c8df5960ad6a1970458c64a6727bc5d60033efd",
                "sha256:8b9ca73fe3e4349e75373354b027af1416b45c68d10fe2fd8b4b9c034f472034",
                "sha256:7c1e2c20135048a94a39ae62da9c6919dc642e4ea451c559d19d34b8ed4d3201",
                "sha256:9d984bd98951105bc7b145f307caba88aab738220567d7dc47c4c568743b5bbf"
            ]
        },
        "Metadata": {
            "LastTagTime": "2020-05-26T14:41:10.64119757+05:30"
        }
    }
]

mhart commented 4 years ago

I can't reproduce this.

docker run --rm --entrypoint bash lambci/lambda:go1.x -c 'curl https://google.com'

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   220  100   220    0     0   2650      0 --:--:-- --:--:-- --:--:--  2682
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.com/">here</A>.
</BODY></HTML>

sahi1422 commented 4 years ago

Below two steps fixed the error:

Updating or reinstalling the ca-certificates
Restart docker

lambci / docker-lambda

curl fails in bash. How to deal with the certificates? #275