On Wed, 31 Aug 2016, JOHAN LANTZ wrote:

> Info: SSL certificate problem: self signed certificate in certificate chain
>
> To my understanding this says that one of the certificates I have provided
> from the client is self signed? Is that correct. I just read the
> certificates available in the Android device and wrote them to a file that
> curl gets access to.
>
> Can someone point me in the right direction so I know what to look for. This
> problem did not exist previously so either my certificate file is corrupt or
> something else has changed. I am just not clear on where to start looking.

I trust you understand what it means when libcurl can't verify the server
certificate? The server's certificate has been signed by a CA who's not
present in your CA store/bundle.

The exact string "self signed certificate" is stated by OpenSSL there (right?)
and I'm not familar with its exact internal logic for saying it is self
signed. The normal way to do self-signed certs is when you run a server with a
cert that is signed by your yourself and not by any known CA. Logically, a
client cannot verify a self-signed cert and thus it fails the check.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:  https://curl.haxx.se/mail/etiquette.html