cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: A darwinssl-related bug again

From: Nick Zitzmann <nick_at_chronosnet.com>
Date: Wed, 27 Aug 2014 18:29:30 -0500

On Aug 27, 2014, at 4:55 PM, Daniel Stenberg <daniel_at_haxx.se> wrote:

> Heya,
>
> Bug #1417 was just filed, identifying a client cert failure on Mac OS X using the darwinssl backend: https://sourceforge.net/p/curl/bugs/1417/

This is not a bug. The darwinssl back-end does not support client certificates in PEM or DER format, because the Security framework function I need to make this work is private API. Only client certificates in P12 format are supported, and only in OS X 10.7 or later, because the Security framework does have a public API for importing a client certificate and private key in PKCS#12 format.

> There's also still bug #1404 remaining, which is the darwinssl backend failing to verify the server (wildcard?) cert. Several people have chimed in there with the same problem. https://sourceforge.net/p/curl/bugs/1404/

It looks like it only happens with a custom certificate bundle. I'll take a look.

Nick Zitzmann
<http://www.chronosnet.com/>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-08-28

This message: [ Message body ]
Next message: Vilmos Nebehaj: "Re: A darwinssl-related bug again"
Previous message: John Coffey: "Re: Problems with FTP upload and 502 SIZE"
In reply to: Daniel Stenberg: "A darwinssl-related bug again"
Next in thread: Vilmos Nebehaj: "Re: A darwinssl-related bug again"
Reply: Vilmos Nebehaj: "Re: A darwinssl-related bug again"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]