CURLE_PEER_FAILED_VERIFICATION
Date: Tue, 7 Jul 2020 14:24:15 +0200
Hello,
I have a problem with a program I'm writing.
The mission is to get a dataset from a webpage using curl.
The data I want to get is secured by a 2-factor authentication. HTTPS with
basic-auth and a pck12-certificate with a password.
When using the commandline-version of curl, I have no problems to get the
result I'm expecting. But I'm runnig into trouble when I'm using the
libcurl-version within my sourcecode.
Fact:
The following syntax is full functional:
curl --cert my_client_cert.p12 --cert-type p12 --pass
pwd_for_my_client_cert.p12 --user webuser:pwd_for_webuser
https://some_webserver.com:12345/getdata?item=01239-876543
The getdata?item represents the subject(itemnumber) for which I want the
dataset.
What I going to do is to automate this process to have a program in which I
place the mobilenumber as the only input.
The the rest is done by the program like retrieve the json-data from the
server, extract the nessessary data to a database.
I am doing this with the C++-builder (XE7) of Embarcadero.
I have placed the files like libcurl.dll and the header-files in the right
places. I can compile my program using the libcurl easy interface. So far,
there's no problem.
But I got stuck when configuring the curl_easy_setopt-parameters.
With my config I'm only receiving the error 60 which says that there is a
problem with the "CURLE_PEER_FAILED_VERIFICATION" " "The remote server's SSL
certificate or SSH md5 fingerprint was deemed not OK."
The displayed Message is: "SSL peer certificate or SSH remote ey was not OK"
For better understanding I'm posting a snippet of the code to do basic
dataaquisition.
-----------------------------------------------------------
char* certPath = "C:\\Pat\\to\\Certificate";
char* certName = "my_client_cert.p12";
char* certPass = "pwd_for_my_client_cert.p12";
char* certType = "P12";
char* webUser = "webuser";
char* webUserPass = "pwd_for_webuser";
String webAddress =
"https://some_webserver.de:12345/getdata?mnum=01239876543"+item_nr; //
String because the item is coming from an edit-field. The result has to be
converted after combining the address with the item.
char* web_Address = convertToAnsistr(webAddress);
curl = curl_easy_init();
if(curl){
curl_easy_setopt(curl, CURLOPT_CAPATH, certPath);
curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, certType);
curl_easy_setopt(curl, CURLOPT_SSLCERT, certName);
curl_easy_setopt(curl, CURLOPT_KEYPASSWD, certPass);
curl_easy_setopt(curl, CURLOPT_USERNAME, webUser);
curl_easy_setopt(curl, CURLOPT_PASSWORD, webUserPass);
// Demo or not? as a debug function
if(DemoMode == true){
curl_easy_setopt(curl, CURLOPT_URL, DemoData);
/* example.com is redirected, so we tell libcurl to
follow redirection */
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
}
if(DemoMode == false){
curl_easy_setopt(curl, CURLOPT_URL, web_Address);
}
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK){
StatusBar1->Panels->Items[1]->Text =
"curl_easy_perform() failed - Code: "+IntToStr(res);
StatusBar1->Panels->Items[2]->Text =
curl_easy_strerror(res);
}
/* always cleanup */
curl_easy_cleanup(curl);
}
-----------------------------------------------------------
I'm using the following versions:
libcurl.dll 7.71.1
libssl-1_1.dll 1.1.1.7
libcrypto-1_1.dll 1.1.1.7
... and here's the point I'm stuck.
The more I'm trying to solve the prolem the more I feel confused because I
think I took the right way to get the result from the server.
Perhabs there's someone out there to lend me a hand to get me back on the
right track :)
Maybe it's easy, but I can't see the solution.
Many thanks in advice to you
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-07-07