curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Curl problem with SSL

From: Subrata Dasgupta via curl-library <curl-library_at_cool.haxx.se>
Date: 21 Jul 2019 08:47:51 -0000

Hi All,I am very new to the curl library. So pardon me if my question is too basic. Can you please help me to understand why below mentioned problem is coming? And how to solve this problem ??Earlier a 32 bit c++ application was using curl-7.20.1 and there was no problem while connecting with the SSL enabled device over HTTPS. But when library is upgraded to libcurl-7.61.1 c++ application is getting few strange errors while working with new curl library though there is no change in the application source code or certificate. In the logs I am getting following error strings.TLSv1.2 (IN), TLS handshake, Finished (20):SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384ALPN, server did not agree to a protocolSSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.But in previous case I am getting following things in log and there was no such protocol disagreement message.skipping SSL peer certificate verificationSSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA3
84Following options seems to be relevant and set by using curl_easy_setopt call.CURLOPT_SSL_VERIFYPEER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set to 0CURLOPT_SSL_VERIFYHOST&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set to 0CURLOPT_CAPATH&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set to 0CURLOPT_ENCODING&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; gzipCURLOPT_CAINFO&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; supplied a pem certificate file . Same certificate file was also used earlier but there was no error.CURLOPT_USERAGENT,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;libcurl-agent/1.0&quot;Below options are also set via curl_easy_setopt call.CURLOPT_POSTFIELDS , CURLOPT_POSTFIELDSIZE_LARGE , CURLOPT_HTTPHEADER , CURLOPT_DEBUGFUNCTION , CURLOPT_PRIVATE, CURLOPT_WRITEFUNCTION , CURLOPT_WRITEDATA , CURLOPT_ERRORBUFFERBelow options are set via curl_multi_setopt call.CURLMOPT_SOCKETFUNCTION , CURLMOPT_SOCKETDATA , CURLMOPT_TIMERFUNCTION , CURLMOPT_TIMERDATA , CURLMOPT_MAXCONNECTS , CURLMOPT_PIPELININGThere was no curl_easy_perform call in the code.ThanksSubrata

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-07-21