cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: alert certificate expired

From: Steven Shourds <srs_at_perfectionsoftware.com>
Date: Tue, 1 Nov 2011 07:29:48 -0400

On Mon, Oct 31, 2011 at 6:16 PM, Steven Shourds <srs_at_perfectionsoftware.com>
wrote:

On Mon, Oct 31, 2011 at 05:20:30PM -0400, Steven Shourds wrote:
> [Steve Shourds] yes, we have been looking for an expired certificate, but
> cannot find any expired certificates.
>

[Steve Shourds]
[Steve Shourds] Here is the output. I still don't get what the problem is?
C:\TECH\curl>curl -I -v https://omsjms.asp.dupont.com/Comergent/jmsorders
<https://omsjms.asp.dupont.com/Comergent/jmsorders%0d%0a--insecure>
--insecure

How do you normally connect to that site?? Do you have a client
certificate for authenticating to the server??

Ralph Mitchell

[Steve Shourds] Yes.

[Steve Shourds] C:\TECH\curl>curl -v
https://omsjms.asp.dupont.com/Comergent/jmsorders -E
C:\Dupont\Certs\NewVerCert20090528\Ver2009.pem

* About to connect() to omsjms.asp.dupont.com port 443 (#0)

* Trying 52.124.17.140... connected

* successfully set certificate verify locations:

* CAfile: C:\TECH\curl\curl-ca-bundle.crt

CApath: none

* SSLv3, TLS handshake, Client hello (1):

* SSLv3, TLS handshake, Server hello (2):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Server key exchange (12):

* SSLv3, TLS handshake, Request CERT (13):

* SSLv3, TLS handshake, Server finished (14):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Client key exchange (16):

* SSLv3, TLS handshake, CERT verify (15):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSLv3, TLS alert, Server hello (2):

* error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate
expired

* Closing connection #0

curl: (35) error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate expired

But my client certificate is not expired. It is good until 6/19/2012. Is
there a command I can run on my client certificate to validate all that?

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-11-01

This message: [ Message body ]
Next message: Seamus Abshere: "FTPS upload to SecureTransport (SITE AUTH ok, but client certificates not working?)"
Previous message: Dan Fandrich: "Re: alert certificate expired"
In reply to: Ralph Mitchell: "Re: alert certificate expired"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]