Changelog Development Documentation Download libcurl Mailing Lists News
cURL / Mailing Lists / curl-users / Single Mail

curl-users

Problems with SSL in xmlrpc-c using curl

From: Leonardo L. P. da Mata <barroca_at_gmail.com>
Date: Tue, 25 Sep 2007 11:08:42 -0300

Hello,

i have looked for information about that in the net, but i couldn't
find the answer.

i'm trying to connect to https server running a xmlrpc application,
but the certificate cannot be correct checked.
the error is:

Error: Curl failed to perform HTTP POST request. curl_easy_perform()
says: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed (-504)

the source code of the application fails in
die_if_fault_occurred(&env);. The env is filled with the error above.

the source:

char * xmlrpc(char * methodName, char * param1, char * param2 )
{
        xmlrpc_value *response;

        xmlrpc_int returnvalue;

        struct xmlrpc_clientparms clientParms;
        struct xmlrpc_curl_xportparms curlParms;

        curlParms.cainfo = "/etc/apache2/ssl/demoCA/cacert.pem\0";
        
        curlParms.network_interface = "icpedu.lcc.ufmg.br";
        curlParms.no_ssl_verifypeer = 0;
        curlParms.no_ssl_verifyhost = 0;
        curlParms.user_agent = "mypw_app/1.0";

        clientParms.transport = "curl";
        clientParms.transportparmsP = (void*)&curlParms;
        clientParms.transportparm_size = XMLRPC_CXPSIZE(user_agent);
        /* SSL */
        
                
    xmlrpc_env env;
    xmlrpc_client * clientP ;
    xmlrpc_value * resultP ;
    char * sum;
    char * const url = "http://icpedu.lcc.ufmg.br:7080/RPC2";
    char * const url2 = "https://icpedu.lcc.ufmg.br:8668/RPC2";

            /* Initialize our error-handling environment. */
    xmlrpc_env_init(&env);

    xmlrpc_client_setup_global_const(&env);

    xmlrpc_client_create(&env, XMLRPC_CLIENT_NO_FLAGS, NAME, VERSION,
&clientParms, XMLRPC_CPSIZE(transportparm_size), &clientP);

        char * param_format = "(ss)";
        
    /* Make the remote procedure call */
    xmlrpc_client_call2f(&env, clientP, url2, methodName, &resultP,
param_format, param1, param2);
    die_if_fault_occurred(&env);
     ......

}
anyone knows what this error means? What can i do to correct that and use SSL?

i do need to check if the server certficate is correct signed, so i
cannot change this options: no_ssl_verifypeer no_ssl_verifyhost to
1 (true).

thanks for the help. 

-- 
Leonardo Luiz Padovani da Mata
barroca_at_gmail.com
"May the force be with you, always"
"Nerd Pride... eu tenho. Voce tem?"
Received on 2007-09-25