cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Download SSL Server Certificate?

From: Boris Lenz <boris.lenz_at_ims.sells.ch>
Date: Tue, 6 Oct 2015 23:36:18 +0200

On Tue, October 6, 2015 23:23, Daniel Stenberg wrote:
> I cannot parse this. The *server* needs to accept the certificate your
> client
> presents? Then you need a client certificate and you cannot just download
> one
> from the server. What would be the purpose of client certs if you could do
> that?

I'm not an expert on SSL by any means, but the way I understand the "SSL
handshake process" is that the server sends its certificate first. If
client authentication is required, the client will then send its
certificates. This will fail here, but at that time, I, as the client,
already received the server's certificate. Correct me if I'm wrong.

Regards,
Boris

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-10-06