Curl errors with pushing metadata to an secure icecast server?

āš™ļø Web integration šŸŒ Metadata Push
1

Hey there - Iā€™m setting up a new encoder and this one is sending to a secure icecast server. Setting up the metadata push link, though, is generating errors similar to:

      "error": "Unable to complete SSL/TLS handshake: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed",
  "curl": "curl 'https://admin:rundown6@wortcast01.wortfm.org:8443/admin/metadata?mount=/testaac.aac&mode=updinfo&song=Petrichor%20Radio+with+Ohjho+%7C+Angels%20and%20Demons%20at%20Play+by+Sun%20Ra%20Arkestra+from+Swirling' -A 'Mozilla/5.0 WORT music metadata via http://spinitron.com' -H 'Host: wortcast01.wortfm.org:8443'"

Looks like the error is caused by curl not recognizing my CA cert. Iā€™m guessing that this might be caused by the weird method icecast insists for generating its .pem file. Or could it be that this is because it is a wildcard cert for all our domain servers/functions? Any suggestions?
Is it possible to tell curl not to peer check in from the metadata push channel template? Thanks!

2

Just to follow up here since Iā€™m still investigating this: If I use the URL in a web browser, I get a success message returned in the browser window. So perhaps curl is not recognizing my wildcard cert?

But do I even need this? If a mount point is set to be used by a client via http: and https: is it okay to have the metadata pushed to just the non-ssl port (8000) and have it be available to whichever port the client attaches to?