cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Error 60 Self signed certificate issue

From: JOHAN LANTZ <johan.lantz_at_telefonica.com>
Date: Fri, 2 Sep 2016 07:27:14 +0000

Hi guys

Thanks for the answers. I finally found the reason, it was a silly mistake I made that caused the certificate path used in CURLOPT_CAINFO to never get assigned. I made that change for iOS so I never noticed it (since DarwinSSL does not have such a file).

So, the real problem was simply that the certificate file was not loaded at all and for some reason this caused the very confusing error saying the server used a self signed certificate.

What made it even more confusing is that running the openssl command line tool in OS-X:
openssl s_client -showcerts -connect my_server:443

Produced the same kind of error namely:
verify error:num=19:self signed certificate in certificate chain

The fix was similar, passing the -CAfile option with a .pem file fixed the issue. In Linux it was not needed to pass the CA file path, it just worked.

These things combined made it a bit hard to find the root cause but now its back to normal.

Thanks for your help

Johan

________________________________

Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-09-02