Some organizations use a firewall that intercepts SSL communications and
replaces the authentication token with an organization-wide token that
is just supposed to be accepted. Browsers can be locally configured for
this intentional trickery, but it's a little more tricky for the use of
curl in a batch script that is shared with external collaborators.
The easiest solution is to just disable the security for the
download. This makes the script more susceptible to "man in the middle"
attacks, but it's probably easier to just slip malware in the public