cURL / Mailing Lists / curl-users / Single Mail

curl-users

about --cacert

From: Billy Taylor <billy_taylor_at_hotmail.com>
Date: Thu, 07 Mar 2002 08:55:59 +0000

Hello,

This is a great tool I've just found out about, which we're hoping to
use to let people upload files securely. Thanks for writing it.

If I open up https://www.verisign.com/ in IE (say), click on the
padlock, etc..., and save the issuer's certificate to a file v.cer, so
that:

$ openssl x509 -text -inform pem -in v.cer | grep Subject
Subject: C=US, O=RSA Data Security, Inc., OU=Secure Server Certification
Authority

Then I should be able to use that certificate with curl --cacert to
connect to https://www.verisign.com/ and have the peer verified, right?

Is so, I'm missing something, as:

$ curl -v --cacert v.cer https://www.verisign.com/
* Closing connection #0
curl: (35) SSL: error:0D07908D:asn1 encoding routines:ASN1_verify:unknown
message digest algorithm

Trying the same thing with another site gives me:

curl: (35) SSL: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Any ideas on how to proceed?

Cheers,
Billy.

_________________________________________________________________
Join the world’s largest e-mail service with MSN Hotmail.
http://www.hotmail.com
Received on 2002-03-07