ssl certificate error while making cURL request to IP address

I'll make this a new answer, since it's going in quite a different direction. In fact it doesn't answer the question as posed, but is perhaps the direction the OP should be looking.

The usual configuration when using a load balancer is that the SSL certificate doesn't live on the web server at all, but rather the SSL is handed off to the load balancer.

The end user makes an HTTPS request to the load balancer. The load balancer unwraps the SSL, and forward the request via unencrypted HTTP to the web server, with a header that tells the Web server that the original request was encrypted. (important for embedding URLs in the response, and for avoiding serving secure content over http).


You can use the domain name as usual but override the resolver like so:

curl -v --resolve subdomain.example.com:443:x.x.x.x https://subdomain.example.com/

It might be awkward to maintain a lot of such mappings though. You might prefer to just ignore the cert mismatch:

curl --insecure https://subdomain.example.com/

IF you want, you could use --insecure --verbose and parse the messages to check that the cert is for the expected domain, but that's probably more work than using --resolve