curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Configuring with both --with-ca-path and --with-ca-bundle

From: Martin Galvan via curl-library <curl-library_at_cool.haxx.se>
Date: Fri, 12 Jan 2018 14:42:07 -0300

Ray Satiro wrote:
> Are you saying that --with-ca-path and --with-ca-bundle don't work
> together at runtime or at build time?

At runtime.

> However at runtime at least for libcurl w/OpenSSL it will fail if
> processing either one of the locations fails [1].
> ...
> [1]:
> https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_load_verify_locations.html

I see. Looks like this actually stems from OpenSSL, and libcurl just acts as a rather thin wrapper over it. I wonder what the rationale was for this decision from the folks at OpenSSL, and why libcurl decided to keep the same behavior (albeit undocumented).
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-01-12

This message: [ Message body ]
Next message: Alex Chen via curl-library: "Building libcurl 7.57 on Windows"
Previous message: Michael Ambrus: "Questions regarding storing passwords in plaintext and security"
In reply to: Ray Satiro via curl-library: "Re: Configuring with both --with-ca-path and --with-ca-bundle"
Next in thread: Daniel Stenberg: "Re: Configuring with both --with-ca-path and --with-ca-bundle"
Reply: Daniel Stenberg: "Re: Configuring with both --with-ca-path and --with-ca-bundle"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]