cURL / Mailing Lists / curl-library / Single Mail

curl-library

Unable to resolve the Error for TLS connection in LibCURL(in curl-7.19.6).

From: venkatgiri <venkatgiri.t_at_globaledgesoft.com>
Date: Mon, 18 Jan 2010 18:06:36 +0530

Hi all,
I'm using the LibCURL library for the HTTPS Client. I have generated the
certificates [required for Client and Server] using the OpenSSL commands
and i kept those certificates in the proper path as told in the
"httpd-ssl.conf" file. when i execute the application i'm getting the an
error "unable to use client certificate (no key found or wrong pass
phrase?)". I'm not getting what the wrong i did.

This is the konsole output,
./app https://100.10.9.10/index.html
* About to connect() to 100.10.9.10 port 443 (#0)
* Trying 100.10.9.10... * connected
* Connected to 100.10.9.10 (100.10.9.10) port 443 (#0)
* unable to use client certificate (no key found or wrong pass phrase?)
* Closing connection #0
* Problem with the local SSL certificate
Unable to transfer file.

I'm using LibCURL version 7.19.6. Please can anyone correct me for this
error. I debugged the code it is giving the error in the function
cert_stuff() of the curl/lib/ssluse.c.

I have used the Open SSL commands to check the certificates generated it
didn't gave the error. The commands are,

1. openssl x509 -inform DER -in device.cer -text
2. openssl rsa -inform DER -in key.key -text

_sample code which i'm using to set the CURL Options._
ret = curl_easy_setopt(handle_t, CURLOPT_SSLCERT, "/tmp/device.cer");
    if (ret != CURLE_OK) {
        fprintf(stderr, "Unable to set CURLOPT_SSLCERT .\n");
        return NULL;
    }
    ret = curl_easy_setopt(handle_t, CURLOPT_SSLCERTTYPE, "DER");
    if (ret != CURLE_OK) {
        fprintf(stderr, "Unable to set CURLOPT_SSLCERTTYPE.\n");
        return NULL;
    }
    ret = curl_easy_setopt(handle_t, CURLOPT_SSLKEY, "/tmp/key.key");
    if (ret != CURLE_OK) {
        fprintf(stderr, "Unable to set CURLOPT_SSLKEY.\n");
        return NULL;
    }
    ret = curl_easy_setopt(handle_t, CURLOPT_SSLKEYTYPE, "DER");
    if (ret != CURLE_OK) {
        fprintf(stderr, "Unable to set CURLOPT_SSLKEYTYPE.\n");
        return NULL;
    }

More more question is, if i have use the Certificate Chain then which
option i need to use in the curl_easy_setopt(). If i'm using the
certificate chain then there will be multiple certificate files.

Thanks and Regards,
Venkatgiri.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-01-18

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: Unable to resolve the Error for TLS connection in LibCURL(in curl-7.19.6)."
Previous message: Alex: "offtopic"
Next in thread: Daniel Stenberg: "Re: Unable to resolve the Error for TLS connection in LibCURL(in curl-7.19.6)."
Reply: Daniel Stenberg: "Re: Unable to resolve the Error for TLS connection in LibCURL(in curl-7.19.6)."
Reply: Kamil Dudka: "Re: Unable to resolve the Error for TLS connection in LibCURL(in curl-7.19.6)."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]