cURL / Mailing Lists / curl-library / Single Mail

curl-library

Using custom ssl certificate from memory

From: Ruslan Gaifulin <omskannihilator_at_gmail.com>
Date: Tue, 4 Mar 2014 20:29:43 +0700

I created a bundle with mk-ca-bundle named C:\mybundle.cer
I check it like
curl_easy_setopt(curl, CURLOPT_CAINFO, "C:\\mybundle.cer");
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, true);

And was able to login to the server. Now I need to use certificate info
from memory i.e. with
curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM");
curl_easy_setopt(curl,CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);

my sslctx_function looks like

*static CURLcode sslctx_function(CURL * curl, void * sslctx, void *
parm){ X509_STORE * store; X509 * cert=NULL; BIO * bio;
std::fstream myfile; myfile.open("C:\\certdata"); std::string
certText; std::string line; while(std::getline(myfile, line))
{ certText += line; certText += '\n'; } /* get a BIO */
     char * mypem = const_cast<char*>(test.c_str());
 bio=BIO_new_mem_buf(mypem, -1); /* use it to read the PEM formatted
certificate from memory into an X509 * structure that SSL can use
   */ PEM_read_bio_X509(bio, &cert, 0, NULL); if (cert ==
NULL) printf("PEM_read_bio_X509 failed...\n"); /* get a
pointer to the X509 certificate store (which may be empty!) */
store=SSL_CTX_get_cert_store((SSL_CTX *)sslctx); /* add our
certificate to this store */ if (X509_STORE_add_cert(store, cert)==0)
        printf("error adding certificate\n"); /* all set to go */
return CURLE_OK ;}*

certdata file is a text file containing
-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----

This data I extracted from mybundle.cer using
curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);
curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ptr.to_info);

The problem is when I try to login I get CURL_SSL_CACERT

How to properly use the certificate data from memory?

-- 
Cheers,
Ruslan Gaifulin
<O.Yurchenko_at_omsk.otpbank.ru>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-03-04