Date: Mon, 17 Oct 2011 16:00:56 -0500
I feel silly asking this question but I really have looked through Google and also the code. I'm not sure if this is a curl, libcurl, or openssl question.
If I'm on my Mac and I do a curl request to an https site, it goes off and happily does the request. Somewhere it has a stash of certificates (I'm not 100% sure that is the right term).
If I do the same question on my AIX machine it gives me the message.
> curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
> error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> More details here: http://curl.haxx.se/docs/sslcerts.html
> curl performs SSL certificate verification by default, using a "bundle"
> of Certificate Authority (CA) public keys (CA certs). The default
> bundle is named curl-ca-bundle.crt; you can specify an alternate file
> using the --cacert option.
> If this HTTPS server uses a certificate signed by a CA represented in
> the bundle, the certificate verification probably failed due to a
> problem with the certificate (it might be expired, or the name might
> not match the domain name in the URL).
> If you'd like to turn off curl's verification of the certificate, use
> the -k (or --insecure) option.
I hope its ok for me to paste this here. On the Mac, I do:
and it works. If I do that on my AIX machine, I get the above message. I downloaded the cacert.pem file and if I do:
curl --cacert /tmp/cacert.pem https://rvm.beginrescueend.com/releases/stable-version.txt
on my AIX machine, it works. But my question is, where can I store the cacert,perm file so that curl, or libcurl, or openssl can find it automatically.
I know about the various environment variables, etc but it should would be nice if I could just store it somewhere. I see on Windows, I can do this in 5 different locations but I can't find the equivalent for a Unix machine.
There are comments about compile time options which is what I assume Apple did but I can't piece the puzzle together.
The mac has 7.21.4. The AIX host has either 7.18.2 or 7.22.0 (depending upon which host I use).
Thank you for your help,
List admin: http://cool.haxx.se/list/listinfo/curl-library
Received on 2011-10-17