cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: ftps and certs

From: Maury Markowitz <maury.markowitz_at_gmail.com>
Date: Wed, 5 Dec 2007 12:40:05 -0500

On Dec 4, 2007 1:36 PM, Dan Fandrich <dan_at_coneharvesters.com> wrote:

> Looks like it. Can you use the bundle against an https site?

Like a champ!

> If so, then your server is probably using a self-signed certificate which
> you have to get from them. If you send us the output of your curl ftp command
> with the -v option, it will say.

Ok, here goes, I've clipped off a few lines from the top...

Time = 12:34:39
> AUTH SSL
< 234 AUTH TLS-P/SSL OK.
* successfully set certificate verify locations:
* CAfile: o:\cacert.pem
  CApath: none
* SSLv2, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS alert, Server hello (2):
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify faile
d
* Closing connection #0

Assuming this is the problem that you've mentioned, how do I determine
what type of cert file I have been given? When I look inside the
cacert file I see a series of two basic structures, a description in
an indented format, and the a block of encoded data (BASE64?). When I
look inside the file I was given, I see a series of just the encoded
data.

Thanks for all the help BTW, this stuff is much more technical than I
suspected... which I guess is why it's so underutilized.

Maury
Received on 2007-12-05