Hello Richard,

Clayton, Richard wrote:
> My customer, the people wanting to me to post to them, have changed their
> requirement and so my error has changed.

> Now:
> curl -F "fileName=@C:\file.txt" -u username:password
> "https://destination.com"

This is HTTPS, without given trusted CA list...

> gives curl: (60) SSL certificate problem, verify that the CA cert is OK
>
> using
>
> curl -k -F "fileName=@C:\file.txt" -u username:password
> "https://destination.com"

This is HTTOS, without peer certificate verification...

> gives curl: (35) SSL: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3
> alert bad certificate

> I assume the problems are all at the remote server end?

Seems to be.

My first ideas:
* the remote host name does not match the CN set in the certificate
* the certificate is not valid (expired?)
* the extensions are set wrong.
   * Are there are any unknown critical extensions ?
   * Is the key usage set wrong ?
     openssl verify -purpose sslserver -CAfile fred.pem remote_cert.pem
     would help.

Bye

Goetz

-- 
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0,  Fax: +49-(0)40 80 80 26 -126

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf