cURL / Mailing Lists / curl-users / Single Mail

curl-users

FTPS with self-signed certs.

From: Chris Karel <chris.karel_at_sfmic.com>
Date: Tue, 28 Apr 2009 14:34:33 -0500

  Hi,

        I'm having some troubles getting curl to work with FTPS
connecting to a server with a self-signed certificate. Obviously, I
could use -k to disable server authentication entirely, but I would
really prefer not to. Since the server is out of my control, there
isn't much chance of getting it signed by a proper CA.

        So, is there any way to whitelist this specific cert? Ideally,
some way to say "I know this cert is self-signed, but I trust this one."
This is the same sort of 'permanent accept' you can do with a web
browser. I know I've seen it in other (windows, GUI) FTPS clients, so
hopefully it's something possible with curl? I've tried using --cacert
to point to the certificate itself, but that doesn't seem to work.
(Should it?) Is there any other option?

        At the moment, the SSL negotiation fails with "curl: (60) SSL
certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed".

Thanks,
--Chris Karel

------------------------------------------------------------------------
Confidentiality Notice: This e-mail message including any attachments is intended only for the use of the individual or entity to which it is addressed, and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended recipient, any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender by reply e-mail and delete or destroy all copies of the original message and attachments. E-mail sent to or from SFM or its subsidiaries may be retained as required by law or regulation.

**Please consider the environment before printing this message.**

-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-04-28