curl-users
Re: Problem with selfsigned cert
Date: Mon, 28 Feb 2011 00:25:31 -0800 (PST)
--- On Sat, 2/26/11, Daniel Stenberg <daniel_at_haxx.se> wrote:
> > I can successfully run:
> >
> > curl -k -E mypem.pem:sekret https://foo.bar:886/test.php
> >
> > but I would like to skip the -k switch.
> >
> > I have done
> > openssl s_client -connect foo.bar:886 |tee logfile
> > and
> > openssl x509 -inform PEM -in logfile -text -out
> certdata
> >
> > shows some reasonable data when I look in the file
> certdata
>
> Right, but you got the server's certificate, that's not the
> CA cert you need
> for verifying that server's certificate.
>
> I don't have any conveniant command lines for that lying
> around...
Ah, but if I have created the CA cert my self then I can just use the file: "my_imaginary_ca_cert.crt"
and that worked!
Great.
I'm no security expert, but are there any security implications in making the CA cert public?
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-02-28