Thanks for pointing it out!

It looks like libcurl will automatically send intermediate certs from
pkcs12 file. This is actually the exact case of mine! So far I have been
parsing pkcs12 file myself and read those certs/key into memory. It looks
like there is an easier way to use libcurl directly parsing pkcs12 file.

Is there an existing example I can try that approach?

Jun

On Fri, Apr 5, 2019 at 2:26 AM Zakrzewski, Jakub via curl-library <
curl-library_at_cool.haxx.se> wrote:

>
> ------------------------------
> *From:* curl-library <curl-library-bounces_at_cool.haxx.se> on behalf of Jun
> Sun via curl-library <curl-library_at_cool.haxx.se>
>
> > I have followed the example of using user certificate in memory,
> https://curl.haxx.se/libcurl/c/usercertinmem.html , and it worked great!
>
> > In my environment, however, we have an intermediate CA and the client
> needs to sends its certificate to server as well. How do I do that?
>
>
> I guess you have to work with OpenSSL function
> like SSL_CTX_add_extra_chain_cert.
>
> libcurl seems to use it also:
> https://github.com/curl/curl/blob/efd9fba68189c70c2a48d9726b25df25ba87fcd0/lib/vtls/openssl.c#L799%e2%80%8b
>
> -------------------------------------------------------------------
> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
> Etiquette: https://curl.haxx.se/mail/etiquette.html

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-04-05