I've been using cURL for a long time but just getting into the SSL end of
it. I'm not a crypto guy, so just the process of creating, signing, and
installing certs is also new, but I'm making progress.

The info at http://eal.us/archives/000964.html has proven invaluable for
creating a cert with OpenSSL which can be installed to IIS, and IE works
fine with it. (Note the info there says you jump back and forth between
Windows and Linux to create/sign certs but it can all be done from one OS.

The problem I'm having is creating a PEM from a server .crt file with
OpenSSL that the cURL commandline can use. I've tried many permutations and
never seem to get it quite right. I'm using this OpenSSL line to create the
PEM:
  openssl x509 -in server.crt -out server.pem -outform PEM

I think I need to add the cert info to curl-ca-bundle.crt, or (preferably) I
need to properly tell the commandline to use a different file rather than
going to the bundle. I've used notepad to copy/paste the cert into the
bundle with no joy. (Don't use Wordpad or it will change all the EOL
delimiters).

Can anyone give me a definitive set of steps to get from a working cert to a
working HTTPS with cURL? I'll be happy to put all of this info (including
helpful notes of my own) up on my website for future reference. Daniel has
mentioned in previous posts on the topic (since the bundle was first
introduced) that there is no real documentation for this yet. I'm wondering
how anyone makes it work.

Many Thanks.
Tony
(This is my first post to this list, thanks to everyone for posting
questions and responses for all this time, it's been a great resource for
info.)
Received on 2004-03-01