cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: HTTPS returns nothing

From: WL Reyes- Bruce <wlrbruce_at_lucent.com>
Date: Wed, 05 Mar 2003 19:18:46 -0500

Daniel Stenberg wrote:
>
> On Wed, 5 Mar 2003, WL Reyes- Bruce wrote:
>
> > Thanks for the quick response. I have added a check for the response
> > from curl_easy_perform and it returns a 51, which I guess means:
> > CURLE_SSL_PEER_CERTIFICATE, /* 51 - peer's certificate wasn't ok */
> >
> > Also I have setup the VERBOSE option which I did not have before and this
> > is what I get:
>
> Try setting CURLOPT_SSL_VERIFYHOST to 1 or even 0 as a test. That's what the
> curl tool does when -k/--insecure is used.

[Wina responds] I added that after setting the CURLOPT_SSL_VERIFYPEER to
FALSE and it worked. Now I get the HTML page.

[Wina responds] Now I just need to figure out how to set it to work with
this server certificate. What is the expected format for the
CURLOPT_CAINFO file? I tried using PEM format, but the verification
failed. Can you point me to a more complete example of how to use
CURLOPT_CAINFO? I do need the verification part, otherwise it is not as
secure.

>
> > I also tried setting 'curl_easy_setopt(curl, CURLOPT_CAINFO,"/tmp/ca.pem"),
> > where ca.pem is a server certificate file for the server that I am pointing
> > to.
>
> That contradicts the use of CURLOPT_SSL_VERIFYPEER set to FALSE...

[Wina responds] Sorry, what I meant to say is that I had tried one or
the other, not together.

>
> > I only want HTTPS without client certificates.
>
> CURLOPT_CAINFO doesn't affect client certificates, it is used to set a CA
> cert to verify the server's certificate against.
>
> --
> Daniel Stenberg -- curl, cURL, Curl, CURL. Groks URLs.
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger
> for complex code. Debugging C/C++ programs can leave you feeling lost and
> disoriented. TotalView can help you find your way. Available on major UNIX
> and Linux platforms. Try it free. www.etnus.com

Once again, thanks for your time,

-- 
+++++++++++++++++++++++++
Wina L. Reyes-Bruce
+++++++++++++++++++++++++
-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost and 
disoriented. TotalView can help you find your way. Available on major UNIX 
and Linux platforms. Try it free. www.etnus.com

Received on 2003-03-06

This message: [ Message body ]
Next message: J�rg M�ller-Tolk: "Re: (no subject)"
Previous message: Daniel Stenberg: "Re: HTTPS returns nothing"
In reply to: Daniel Stenberg: "Re: HTTPS returns nothing"
Next in thread: Daniel Stenberg: "Re: HTTPS returns nothing"
Reply: Daniel Stenberg: "Re: HTTPS returns nothing"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]