cURL / Mailing Lists / curl-users / Single Mail

curl-users

Proper way to use enterprise root certificate (update default CA bundle)

From: Ray Van Dolson <rvandolson_at_esri.com>
Date: Mon, 31 Dec 2012 17:58:07 -0800

Hello;

I'd like to _add_ our Enterprise Root certificate to the default list of
certs curl trusts when doing HTTPS.

I've reviewed the sslcerts instructions[1] but still have a few
questions as to the best way to implement.

I'm using RHEL 5.x's curl (7.15.5).

Will my version of libcurl honor the /etc/pki/tls/certs/<hashname>.0
file as specified by OpenSSL? I'm trying to avoid needing to modify my
/etc/pkt/tls/certs/ca-bundle.crt file if at all possible.

Any other tips on ways to convince curl to use not only the default
CA bundle (which it does by default) but also additional certs? The
CURL_CA_BUNDLE environment variable and --cacert CLI option might work,
but I think they override the default CA bundle with whatever is
explicitly specified.

Thanks,
Ray

[1] http://curl.haxx.se/docs/sslcerts.html
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-01-01

This message: [ Message body ]
Next message: Gisle Vanem: "'curl -M' idea"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]