cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: https and certs

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 6 May 2003 21:17:07 +0200 (CEST)

On Tue, 6 May 2003, Bryan Koschmann - GKT wrote:

> I'm new to using curl and am trying to get a website via https. I've read a
> number of examples and such but I can't seem to find what I need.

You should mention what curl version on what operating system as well, as it
helps us to understand the problem better and makes it easier to suggest an
appropriate action.

> I will be accessing a URL to get a csv file directly. This site requires a
> login via a form first. If I put the url to the csv file directly in my
> browser, it first shows a login form in which I enter a username and
> password.

Logins are generally made in one of two ways:

 A) a HTML page with a <form> and with a field for user name and password

 B) using HTTP Basic authentication, based on HTTP headers

If the site uses method A, you'll need to perform a POST (-d) and then most
likely keep track of cookies to move on to the actual file to download.

If the site uses the B way, you only need to use -u correctly.

> Just running 'curl https://www.mysite.com/here' gives me this error:
>
> curl: (35) SSL: error:0D07908D:asn1 encoding routines:ASN1_verify:unknown
> message digest algorithm
>
> I've downloaded the ca-cert-bundle.pem but I have no idea what to do with
> it. There are also sites showing examples needing my own certificate, but
> I'm not sure how to do this (i know it can be generated with openssl, but i
> dont know what kind, etc).

(If you are on a unix-like operating system, the default CA cert bundle is
usually installed at the same time curl is installed and curl is then using
that one already if you don't tell it otherwise.)

You can:

 A) Disable the check for a valid remote peer certificate with -k. It makes
    the connection less secure of course.

 B) If you are on windows, rename the ca cert bundle to curl-ca-bundle.crt
    and put in it in the same dir as curl and retry.

 C) Use --cacert ca-cert-bundle.pem

-- 
 Daniel Stenberg -- curl, cURL, Curl, CURL. Groks URLs.
-------------------------------------------------------
Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
The only event dedicated to issues related to Linux enterprise solutions
www.enterpriselinuxforum.com
Received on 2003-05-06