Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: Using the X.509 certificates of the Windows certificate store via libcurl
From: Daniel Stenberg via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 18 Jun 2019 23:27:48 +0200 (CEST)
Date: Tue, 18 Jun 2019 23:27:48 +0200 (CEST)
On Tue, 18 Jun 2019, * * via curl-library wrote:
> Sending an HTTPS GET request with that code produces error
> CURLE_PEER_FAILED_VERIFICATION (60) with the error message "Cert verify
> failed: BADCERT_NOT_TRUSTED". So, obviously the certificates are not
> properly taken into account during the TLS handshake.
I don't know a lot about Windows and extracting the CA store on Windows, but I
think this problem happens because you haven't actually got the full cert
store in that function.
At least David Weisgerber's code from two years ago seems to do more:
https://curl.haxx.se/mail/meet-2017-03/0030.html
(That example is for OpenSSL but I think the Windows parts should be
similar.)
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
| Private help, bug fixes, support, ports, new features
| https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-06-18