When you use curl in Linux machines to make remote calls to SSL sites, you need to have latest root certificates installed. Recently I came across a situation where the newer root certificate were not available and so the remote call suddenly started failing.

First, you will have to find the location of your certificate files :

curl-config --ca

Now, you download the latest bundle to the path found from above , which usually is /etc/pki/tls folder

curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt

 

You can check whether the curl call works by sample command given below :

curl --verbose --cacert ./certs/verisign-intermediate-ca.crt --head https://remotesite.com/