cURL / Mailing Lists / curl-library / Single Mail

curl-library

receive: Peer certificate cannot be authenticated with known CA certificates

From: Deckers, Rob <rob.deckers_at_oce.com>
Date: Wed, 14 Jul 2010 14:53:02 +0200

I am writing a program that must communicate over https to a server to
send and retrieve some data.
 
I use OpenSSL (openssl-1.0.0a
<http://www.openssl.org/source/openssl-1.0.0a.tar.gz> from the first of
juli) and Libcurl (curl-7.21.0
<http://curl.haxx.se/download/curl-7.21.0.zip> )
 
In the constructor of my class, I do:
 
{
    // curl_global_init() should only be issued once
    if (!smIsGlobalInitialized)
    {
        print("curl_global_init")
        // curl_global_init may only be called once for each programm
        CURLcode res = curl_global_init(CURL_GLOBAL_ALL);
        if (res != CURLE_OK)
        {
            error("Failed to init libCurl, errorcode=%1%", res));
        }
        smIsGlobalInitialized = true;
    }

    curl_version_info_data * vinfo = curl_version_info( CURLVERSION_NOW
);
    if( vinfo->features & CURL_VERSION_SSL )
    {
        print("libcurl does support SSL");
    }
    else
    {
        error("No SSL support from libcurl");
    }
}

And in my getData() function, I do:
// the url must start with "https://"
bool CurlClient::getData(std::string filepath, std::string url)
{
    print("getDataFile: Url %1% ,body to %2% ", url, filepath);
    mErrorDetected = false;
    mCurlErrorCode = CURLE_OK;
    CURL *curlHandle = curl_easy_init();
    
    assert(curlHandle != 0, EXT_RESTART, SDSCAT_SWERROR, ("Error
initializing Curl library."));

    // reset the curl option to the defaults
    curl_easy_reset(curlHandle);
    UcsFile dataFile = {filepath, NULL};

    curl_easy_setopt(curlHandle, CURLOPT_URL, url.c_str());
    curl_easy_setopt(curlHandle, CURLOPT_WRITEFUNCTION,
CurlClient::writeFile);
    curl_easy_setopt(curlHandle, CURLOPT_WRITEDATA, &dataFile);
    curl_easy_perform(curlHandle);
    if (dataFile.stream)
    {
        fclose(dataFile.stream);
    }
    curl_easy_cleanup(curlHandle);
    return mErrorDetected;
}

When I execute my getData function, I retrieve error code 60
(LibCurl error code: 60, Peer certificate cannot be authenticated with
known CA certificates)

But when I add:
    curl_easy_setopt(curlHandle, CURLOPT_SSL_VERIFYPEER, 0L);
It all works fine.

What am I doing wrong?

Rob Deckers

This message and attachment(s) are intended solely for use by the addressee and may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law.

If you are not the intended recipient or agent thereof responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.

If you have received this communication in error, please notify the sender immediately by telephone and with a 'reply' message.

Thank you for your co-operation.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-07-14