cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: cURL / SSL problem

From: Tom Reader <tom_at_proxima.org.uk>
Date: Thu, 03 Jan 2002 13:49:28 +0000

> > However, when using the SSL-enabled site, I use:
> >
> > curl --data-binary @data-file https://www.whatever.com:nnn/receive.pl
> >
> > I receive the error:
> >
> > curl: (35) SSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
> > certificate
> >
> > <snip>
> > Can anyone give me any other ideas on how to move forward with this
> > problem? Any help would be very much appreciated.
>
>I think it looks like the server requires you to pass on a certificate so
>that it can verify that you are who you say you are, but your command line
>doesn't specify any certificate!

Dan, thanks for your help. It's appreciated.

That has moved me onto a different problem, which still concerns the keys /
certificates.

I am now using the command line:

curl --data-binary @send.txt https://xxx.xxx.xxx.xxx:nnnn/receive.sh -v -E cert

where the file 'cert' contains my certificate. This is a server
certificate issued by verisign - maybe the problem is caused by the fact
that it's a server certificate?

Anyway, I am receiving the error:

* Closing connection #0
curl: (35) unable to set public key file

I can confirm that the certificate file in question ('cert') is recognised
by openssl's 'x509' program as being a PEM certificate. However, this is
my *public* certificate, which as I understand SSL, is what I should be
sending to the remote. The documentation mentions private certificates,
which is a concept I don't understand - I thought there was only a public
certificate, which is linked to the private key. Can you confirm which I
should be using, and whether it matters where the files are located, etc?

I was getting on well with cURL, but since starting to use SSL, I may be
getting slightly out of my depth. However, I have read what documentation
I consider relevant, and can't get around this problem!

Any help anyone can give me would be very much appreciated.

Regards

Tom
Received on 2002-01-03