Hello list,

i'am using libcurl/7.44.0 with NSS/3.21i. If I call a curl_easy_perfom()
in my httpclient it returns CURLE_SSL_CACERT_BADFILE.

the same nss key database is working fine together with apache2 (tls with
mod_nss). So I assume path and access rights are fine for libcurl to.

some clue whats wrong here?

my SSL Specific settings are this one:

CURLOPT_URL - "https://127.0.0.1/test.php" : Target URL on same machine for testing
CURLOPT_POST - 1
CURLOPT_TIMEOUT - 300
CURLOPT_READDATA - FILE* pFile = fopen("/home/root/test.json")
CURLOPT_INFILESIZE_LARGE- fstats.st_size
CURLOPT_HTTPHEADER - some custom header stuff

other settings which works even without ssl

CURLOPT_KEYPASSWD - "foo" : Password to NSS-Database
CURLOPT_SSLCERTTYPE - "P12" ("PEM" didn't work either)
CURLOPT_SSLCERT - "client - foo" : Nickname of client cert within NSS Database
CURLOPT_SSLKEYTYPE - "ENG" (Tried "DER" and "PEM" too ... (in combination with either P12 and PEM as CertType))
CURLOPT_SSLKEY - "client - foo" : Nickname of client cert / priv key for cert within NSS Database (Nickname of Cert and PrivKey are identical)
CURLOPT_CAPATH - "/etc/apache2/nss-conf/" : Path to NSS-Database (redundant? already set via put_env to $SSL_DIR)
CURLOPT_CAINFO - "CA - foo" : Nickname of CA Cert within NSS Database
CURLOPT_SSL_VERIFYPEER - 1

Verbose output:

* Trying 127.0.0.1...

* Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)

* Initializing NSS with certpath: sql:/etc/apache2/nss-conf/
* Closing connection 0

Own output:

curl_easy_perform: 77
curl_easy_perfom returns CURLE_SSL_CACERT_BADFILE

Best regards,

Oliver
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-04-07