Thanks for the quick rely.

I tried it out with the following

curl --cacert verign.crt -L https://www.securesite.com

it works fine. However, I replace the versign.crt with
myownCA.crt and it works too. The funny thing is that
https://www.securesite.com 's certificate is using
versign NOT myownCA. Have I done something wrong?

Thanks.

> On Thu, 22 Mar 2001, Clement Ng wrote:
>
> > I would like curl to verify the server first before sending data to the
> > server. I notice that the latest curl support --accert option.
>
> Make that --cacert ;-)
>
> > Can I specify the "Verisign Class 3 Primary CA" certificate to this
> > option?
>
> Yes, AFAIK that should indeed be possible.
>
> > If I can, how can I get the "Verisign Class 3 Primary CA" certificate in
> > PEM format?
>
> I guess it depends on what format you have it in now. The 'openssl' tool in
> the OpenSSL package is capable of converting a few different formats into
> PEM. The most commonly requested might be the PKCS#12 format used by several
> programs including Netscape, MSIE and MS Outlook.
>
> If that is the case, I believe you can convert it with a command line similar
> to:
>
> openssl pkcs12 -in inputcert -out outputcert.pem
>
> --
> Daniel Stenberg -- curl project maintainer -- http://curl.haxx.se/
>
>
>
Best Regards,

Clement

clement.ng_at_treklogic.com
200 Town Center Blvd., Suite 203
Markham, Ontario, Canada L3R 8G5
Tel: (905) 940-0120 ext. 108
Fax: (905) 940-0130
http://www.treklogic.com
Received on 2001-03-23