curl-users
Re: Curl failed to authenticate CA server certificate
Date: Fri, 18 Jan 2019 10:50:45 +0100 (CET)
On Fri, 18 Jan 2019, Deepak SP wrote:
> curl: (35) error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib
This very cryptic message means that OpenSSL somehow barfed on the certificate
and return an error to curl. It is unfortunately all the info we have on the
error.
I would *suspect* that your certificate is using an outdated algorithm
somewhere or something but I really can't tell for sure.
If you get a ca cert bundle from https://curl.haxx.se/docs/caextract.html and
use that when contacting a regular public HTTPS site, does that work? It
really should.
> It will be very helpful if you can give some guidance why the curl is
> failing here.
To further debug this, I would suggest switching to trying the openssl command
line tool so that you rule out curl's involvement and work directly with
OpenSSL and if the problems remain, you take them to the openssl team.
I'm sorry to have to redirect you somewhere else and I don't mean to "shift
blame", but they are without doubt the better people to answer questions about
what's going on here and why.
-- / daniel.haxx.se ----------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2019-01-18