curl / Mailing Lists / curl-users / Single Mail

curl-users

Re: A error log when used the curl command tool in embedded linux device

From: Ray Satiro via curl-users <curl-users_at_cool.haxx.se>
Date: Tue, 13 Dec 2016 02:49:44 -0500

On 12/12/2016 9:25 PM, 杨俊 wrote:
> /tmp # ./curl -v --cacert /tmp/cacert.pem https://curl.haxx.se/
> * Trying 80.67.6.50...
> * TCP_NODELAY set
> * Connected to curl.haxx.se <http://curl.haxx.se> (80.67.6.50) port
> 443 (#0)
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * Cipher selection:
> ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
> * successfully set certificate verify locations:
> * CAfile: /tmp/cacert.pem
> CApath: none
> * TLSv1.2 (OUT), TLS handshake, Client hello (1):
> * TLSv1.2 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (OUT), TLS alert, Server hello (2):
> * SSL certificate problem: unable to get local issuer certificate
> * Curl_http_done: called premature == 1
> * stopped the pause stream!
> * Closing connection 0
> curl: (60) SSL certificate problem: unable to get local issuer certificate

Maybe that's a really old certificate bundle? Does your system have a
default ca bundle? I tried a bundle from 2015 and it works ok to verify
curl.haxx.se. Get the latest cacert.pem from
https://curl.haxx.se/docs/caextract.html and if it still doesn't work
reply with your curl -V.

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-users
FAQ: https://curl.haxx.se/docs/faq.html
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-12-13