cURL / Mailing Lists / curl-users / Single Mail

curl-users

Error message -> unable to get local issuer certificate

From: Joe Python <jopython_at_gmail.com>
Date: Mon, 2 Aug 2010 10:44:11 -0400

I am running curl (insecure mode for FTPS) with the following
arguments Windows XP:

--cert cert.pem:pass_phrase -k --cacert
"C:\Docu~1\Desktop\curl-ca-bundle.crt" -v
--ftp-ssl --sslv3 --ftp-pasv --disable-epsv -u ftp_user:my_secret_pass
-Q "CWD /" "ftp://site.example.com:990/TEST/" -T "Report.csv"

And I get the following output.

----------------------------------------< snip
>-----------------------------------------------------------------------
* Connected to myproxy.host (121.10.11.12) port 80 (#0)
* Establish HTTP proxy tunnel to example.site.com:990
* Server auth using Basic with user 'ftps_user'
> CONNECT example.site.com:990 HTTP/1.1
> Host: example.site.com:990
> User-Agent: curl/7.20.0 (i686-pc-mingw32) libcurl/7.20.0 OpenSSL/0.9.8k zlib/1.2.3
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
< 220 SUPER FTP Server (java -1.6.00) ready.
> AUTH SSL
< 234 Security data exchange complete.
* successfully set certificate verify locations:
* CAfile: C:\Docu1\Desktop\curl-ca-bundle.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Request CERT (13):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
} [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS handshake, CERT verify (15):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]

* SSL connection using RC4-SHA
* Server certificate:
* subject: C=US; ST=Texas; L=Austin; O=CHANGED; OU=SITE;
CN=example.site.com
* start date: 2010-07-28 00:00:00 GMT
* expire date: 2011-07-28 23:59:59 GMT
* subjectAltName: example.site.com matched
* issuer: O=VeriSign Trust Network; OU=VeriSign, Inc.;
OU=VeriSign International Server CA -
Class 3; OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
* SSL certificate verify result: unable to get local issuer
certificate (20), continuing any
ay.
> USER ftps_user
--------------------------------< snip >----------------------------------

I am still getting the 'unable to get local issuer certificate'
message inspite of having VeriSign (at the server) and using the
ca-bundle to go with curl.

I AM able to transfer files but only in 'insecure' mode and that is a
security flag in the place I work. Is there a way I can avoid this
message?

Thank you for the help.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-08-02

This message: [ Message body ]
Next message: Joe Python: "Error message -> unable to get local issuer certificate"
Previous message: Daniel Stenberg: "Re: Different ssl port"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]