curl-users
The -k/--insecure option seems to be ignored in PERL
Date: Mon, 19 Oct 2009 09:11:09 -0400
Hi all - I'm trying to implement a PERL script which use the curl command
line on Windows. The curl invocation from within PERL seems to ignore the
-k / --insecure option when the cook-jar is involved. The same invocation
of curl from the command line prompt executes successfully and I get
cookies from the target url.
When I run code something like this (I've changed the host that I really
use for this sample) I get this error and no cookies
use strict ;
use warnings ;
use FindBin qw($Bin) ;
use lib "$Bin" ;
my ($COOKIES,$curlopts,$url,$HOST,$curl,) ;
$curl = $Bin."/curl/bin/curl.exe" ;
$HOST = "https://mysite.ibm.com:9443/jazz" ; # Not the real site of
course
$COOKIES = "cookies.txt" ;
$url = "/authenticated/identity" ;
$curlopts = "-k -c $COOKIES ".'"'.$HOST.$url'"' ;
unlink $COOKIES ;
system($curl $curlopts) ;
curl: (60) SSL certificate problem, verify that the CA cert is OK.
Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
-k -L -b ./cookies.txt -c ./cookies.txt -d j_username=thloeber_at_us.ibm.com
-d j_password=at602f7b "
https://rtpariadne.raleigh.ibm.com:9443/jazz/authenticated/j_security_check
"
curl: (60) SSL certificate problem, verify that the CA cert is OK.
Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
Fetching rootservices for https://rtpariadne.raleigh.ibm.com:9443/jazz
curl: (60) SSL certificate problem, verify that the CA cert is OK.
Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
But when I run this from the command line all is well and I get cookies
and no warning.
curl.exe -k -c cookies.txt "
https://mysite.ibm.com:9443/jazz/authenticated/identity"
Regards,
Tom Loeber
SWG Strategy and Technology SW Development Tools
Rational Tools Internal Deployment Lead
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-10-19