command line tool and
for transferring data with URLs
DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP,
LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP,
SMTPS, TELNET and TFTP. curl supports SSL certificates, HTTP POST, HTTP PUT,
FTP uploading, HTTP form based upload, proxies, HTTP/2, HTTP/3, cookies,
user+password authentication (Basic, Plain, Digest, CRAM-MD5, SCRAM-SHA, NTLM,
Negotiate and Kerberos), file transfer resume, proxy tunneling and more.
What’s curl used for?
curl is used in command lines or scripts to transfer data. curl is also used
in cars, television sets, routers, printers, audio equipment, mobile phones,
tablets, settop boxes, media players and is the Internet transfer engine for
thousands of software applications in over ten billion installations.
curl is used daily by virtually every Internet-using human on the globe.
Who makes curl?
curl is free and open source software and exists
thanks to thousands of contributors and our
awesome sponsors. The curl
project follows well
established open source best practices. You too
can help us improve!
What’s the latest curl?
The most recent stable version is 7. 79. 1, released on 22nd of September 2021.
Currently, 68 of the listed downloads are of the latest version.
Time to donate to the curl project?
Where’s the code?
Check out the latest source code
Everything curl is a detailed
and totally free book available in several formats, that explains basically
everything there is to know about curl, libcurl and the associated project.
Learn how to use curl. How to use libcurl. How to build them from source or
perhaps how the curl project accepts contributions. There’s something for
everyone in this, from the casual first-time users to the experienced
Everything curl is itself an
open project that accepts your contributions and help.
What is the curl command? Learning and testing APIs with cURL tools
cURL, which stands for client URL, is a command line tool that developers use to transfer data to and from a server. At the most fundamental, cURL lets you talk to a server by specifying the location (in the form of a URL) and the data you want to send. cURL supports several different protocols, including HTTP and HTTPS, and runs on almost every platform. This makes cURL ideal for testing communication from almost any device (as long as it has a command line and network connectivity) from a local server to most edge devices.
The most basic command in curl is curl. The curl command is followed by the URL, from which we would like to retrieve some kind of data. In this case, it would return the html source for
Underlying the curl command is the libcurl development library, which has bindings for almost any codebase.
cURL is also the name of the software project, which encompasses both the curl command-line tool and the libcurl development library.
To try out the commands in this article, you need a command shell and internet access. We are going to be using the NASA APOD (Astronomy Picture Of the Day) API to create some examples. This API is open source but you will need to sign up for a developer key, which takes just a minute to get signed up.
Why use curl?
So, why should you use cURL? Consider these benefits of this software project:
It is highly portable. It is compatible with almost every operating system and connected device.
It is useful for testing endpoints, to check if they are working.
It can be verbose, providing details of exactly what has been sent/received, which is helpful for debugging.
It has good error logging.
It can be rate limited.
Sending API requests
We can use curl to send API requests. Each request is generally made up of four main parts:
An endpoint, which is the address (URL) to which we are sending the request.
An HTTP method. The most common methods used are GET, POST, PUT and DELETE.
GET is used to retrieve a resource from a server. This could be a file, information, or an image.
POST is used to send information to the server.
PUT can be used to create or update a resource. This could be used to create or update a record in a database or update the contents of a file.
DELETE is used to delete a resource such as a database entry.
These actions for these methods are the recommended actions, but it’s up to the API specification and implementation to define what exactly happens.
Headers, which contain metadata about the request, such as content type, user agent, and so on.
Body, which is the message body and contains the data that we want to send, if any. Generally, the body is used with POST and PUT methods.
curl command options
There are over two hundred curl options. You can see some of them by typing curl -h in a terminal. The most commonly used command options include these:
-I returns only the HTTPS headers
curl –request GET ‘
This command will return header fields such as Date, Content-Type etc
-v is the verbose option
curl –request GET ‘NASA_API_KEY&date=2020-01-01’ -v
This verbose command will show you everything that happens when you run the curl command, from connection to the headers and any data returned. Here we also get the description of the image that is being returned by the request, along with the image url.
-o stores the output in a file
curl –request GET ‘NASA_API_KEY&date=2020-01-01’ –output curloutput
Combining curl with other CLI commands
Combining curl with other cli commands can be really handy in situations where you want to use the output of a command as the input to a curl command or vice versa.
As an example, you could see if a webpage contains a certain piece of text using curl and grep.
Here is an example of using curl and Python to extract the image link from a request to the NASA API and display it in the Preview app (MacOS only):
curl –request GET “NASA_API_KEY&date=2020-01-01” -s | python3 -c “import sys, json; print(()[‘url’])” | xargs curl -o && open -a Preview
In this example we use curl to make a GET request on the Nasa API endpoint. This returns json data, which we use in a small Python script to extract the url of the image. We then use the curl command to get the image and open it using Preview on the mac.
You don’t have to use the command line curl to make API requests. You can use a number of different tools to interact with an API, such as HTTPie, Postman, and Rest Client in VS Code.
HTTPie is a command-line HTTP client that is touted as more friendly to users. It also includes a more expressive, color-coded UI. They have an online version, which is really neat.
Postman is a UI-based client for all things related to API development, and it’s arguably one of the most popular. Postman is very powerful.
You can generate and execute curl commands from within Postman. To generate curl commands, you can enter the request URL and parameters, and then click on the code option on the right-hand side:
A box is displayed with the option to select from a number of languages, including curl. Select curl to see the generated curl command.
Postman gives you a history of all the requests that you’ve built and even data-stamps them, which can be nice for collecting data points or references as you work with an API. Think of it as the client taking notes for you.
Rest Client in VS Code
Rest Client for VS Code is probably one of my favorite tools for executing curl commands. It’s lightweight and has good syntax highlighting. It’s a really useful add-on to do some quick curl requests from within VS Code.
You can simply type in your curl command and a ‘send request’ option will appear above.
After you click send request, another tab opens with the response.
Summary and Next Steps
In this article, we introduced you to the basic curl command and its most useful options. We also mentioned only a handful of the tools that are available to help you get started with cURL. Now you can begin using cURL to test your endpoints and troubleshoot your applications.
To find out more about APIs and API Management, check out the following articles and videos available on IBM Developer:
What is a REST API
This article was originally authored by Amara Graham and published in April of 2019.
Curl -k –insecure (ignore SSL certificate warning) – FreeKB
In this example, the page is being requested from the web server over HTTPS.
And the following is displayed, which, in laymen terms, means the certificate being used by the web server for HTTPS is not trusted by a certification authority (CA). This is common when a web server is using a self-signed certificate.
curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here:
curl performs SSL certificate verification by default, using a “bundle”
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the –cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or –insecure) option.
The -k or –insecure flag can be used to tell curl to ignore this warning and the content of is returned.
~]# curl –insecure
Frequently Asked Questions about curl
What does curl actually do?
cURL, which stands for client URL, is a command line tool that developers use to transfer data to and from a server. At the most fundamental, cURL lets you talk to a server by specifying the location (in the form of a URL) and the data you want to send.Feb 23, 2021
What is curl K?
Curl – -k –insecure (ignore SSL certificate warning) And the following is displayed, which, in laymen terms, means the certificate being used by the www.example.com web server for HTTPS is not trusted by a certification authority (CA). This is common when a web server is using a self-signed certificate.Jun 16, 2021
What is curl s option?
If this option is used several times, the last one will be used. Specify to which file you want curl to write all cookies after a completed operation. Curl writes all cookies previously read from a specified file as well as all cookies received from remote server(s).