cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Certificate verificaion fails when using CURLOPT_CAINFO to intermediate

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Thu, 12 Jan 2012 22:27:21 +0100 (CET)

On Wed, 11 Jan 2012, Johannes Bauer wrote:

> Doing the same thing with curl now:
>
> $ curl --cacert intermed.crt --capath /sys https://accounts.google.com
> curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
> error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
> verify failed

...

> Can somebody please enlighten me why the behavior of cURL differs form
> that of openssl?

I'm not sure anyone can, at least I can't. I think you need to debug the both
ways and see how the function calls to do the check differ. It surprises me as
it is basically a single OpenSSL function call...

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2012-01-12

This message: [ Message body ]
Next message: Khaled El Mously: "result of curl_perform() timeout"
Previous message: Daniel Stenberg: "RE: cUrl and challenge-response authentication (NTLM)"
In reply to: Johannes Bauer: "Certificate verificaion fails when using CURLOPT_CAINFO to intermediate"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]