Hi all.

I want to use SSL with libcurl. I have the following options set for SSL:

curl_easy_setopt(m_conn, CURLOPT_SSLCERT, "/tmp/curl-ca-bundle.crt");
curl_easy_setopt(m_conn, CURLOPT_SSLCERTTYPE, "PEM");

(I had copied the CA file that comes with curl to /tmp directory, curl
is built to a different build directory though)

And when I ran my program, since I have VERBOSE set for curl, I can see
the debug output as follows:

(I am trying to retrieve document https://www.google.com/index.html)

* About to connect() to www.google.com port 443
* Trying 64.233.161.104... * connected
* Connected to www.google.com (64.233.161.104) port 443
* unable to set private key file:
'/usr/share/Fazzt/dat/curl-ca-bundle.crt' type PEM

* Closing connection #0

However, if I leave out the CURLOPT_SSLCERT option and use the default
one in curl build directory, instead of a customized one I provide with
curl_easy_setopt, I can retrieve the document perfectly. The debug
output is as follows:

(Note: I still have the "CURLOPT_SSLCERTTYPE" option set to "PEM")

* About to connect() to www.google.com port 443
* Trying 64.233.161.104... * connected
* Connected to www.google.com (64.233.161.104) port 443
* successfully set certificate verify locations:
* CAfile: /home/wweng/FDDS/INSTALL/share/curl/curl-ca-bundle.crt
  CApath: none
* SSL connection using AES256-SHA
* Server certificate:
* subject: /C=US/ST=California/L=Mountain View/O=Google
Inc/CN=www.google.com
* start date: 2005-06-07 22:12:54 GMT
* expire date: 2006-06-07 22:12:54 GMT
* common name: www.google.com (matched)
* issuer: /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
* SSL certificate verify ok.
> GET /index.html HTTP/1.1

Where did I do wrong to result in the first failure? Thanks

Wei
Received on 2005-10-21