curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: CURLE_PEER_FAILED_VERIFICATION

From: Petr Pisar via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 7 Jul 2020 18:12:31 +0200

On Tue, Jul 07, 2020 at 02:24:15PM +0200, Sven Appel via curl-library wrote:
> The following syntax is full functional:
>
> curl --cert my_client_cert.p12 --cert-type p12 --pass
> pwd_for_my_client_cert.p12 --user webuser:pwd_for_webuser
> https://some_webserver.com:12345/getdata?item=01239-876543
>
[...]
> char* certPath = "C:\\Pat\\to\\Certificate";
[...]
> curl_easy_setopt(curl, CURLOPT_CAPATH, certPath);

Here you set a CA certificete path to C:\Pat\to\Certificate in the C code.
Where do you it in the fully functional command (curl --capath argument)?

I bet it fails because that directory does not contain the right CA
certificate file under the right file name as expected by OpenSSL in contrast
to the default CA path built in the curl command or library.

Also please note that OpenSSL on Windows is a little bit tricky. Some of their
builds actually use a certificate storage from the operating system.

-- Petr

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html

Received on 2020-07-07