On Wed, Jul 11, 2012 at 05:26:19PM -0400, Anu Shrestha wrote:
> just doesn¢t work for me. How do you force SSL version? Any order it needs to
> be in? It doesn¢t matter what I set to I get the handshake error(below is the
> code) and it only tries connecting to SSLv3. It¢s been 5 days trying to fix the
> problem with no luck. Any help would be much much appreciated.

Are you sure it's actually using SSLv3 or is that just Wireshark
displaying the lowest common denominator version?

> Command line: => works
>
> curl -X POST -vvv --sslv3 -d @input_file https://
> username:password_at_kmc03bit.xx.xx/invoke/processRequest
> --cacert /usr/local/etc/ssl/ca.pem

You can use the --libcurl option to have curl write a little program
that sets these options in the same way and see if that works any
better.

> curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1);
>
> curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 1);

Note that these have to be type long, not int.

> On 07/09/2012 10:58 PM, Anu Shrestha wrote:
> Summary: Handshaking between the client and host cipher(TLSV1/SSLV3) is not
> compatible with current version of curl 7.24. It used to work with 7.21. What
> changes between the version could have this?

One significant one was commit db1a856b4f7cf6ae334fb0656b26a18eea317000,
which has since been made configurable with the CURLSSLOPT_ALLOW_BEAST
option.

>>> Dan
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-07-12