curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.


From: Vikram Darsi via curl-users <>
Date: Thu, 25 Mar 2021 05:55:58 +0000


Thanks for your inputs Daniel Stenberg

Now I have made curl to have openssl as its TLS backend, it started working.


-----Original Message-----
From: Daniel Stenberg <>
Sent: Wednesday, March 24, 2021 12:38 PM
To: Vikram Darsi via curl-users <>
Cc: Vikram Darsi <>

External email: []

On Wed, 24 Mar 2021, Vikram Darsi via curl-users wrote:

> curl --verbose -vvv -i --resolve
> --cacert ca.cer --cert ./client.cer --key client.key -H "Accept:
> multipart/mixed" -H
> "Content-Type: application/json" -X POST -d '{"auth-token":"CA151"
> ,"sw-version":"20.1.1"}'

1. "-vvv" doen't add more verbose, it's a boolean. -v is enough 2. "-X POST" is not helping when you use -d

> I have written a sample java program, to verify whether the server
> certificate is signed by this public-key, this test is passed. python
> requests library also confirms that the certificate is valid

I bet neither of those use NSS ?

> curl version used : curl 7.29.0 (x86_64-redhat-linux-gnu)
> libcurl/7.29.0
> NSS/3.53.1 zlib/1.2.7 libidn/1.28 libssh2/1.8.0

An eight year old curl with a less than one year old NSS?

This is probably rather an NSS issue and not a curl one. You can verify that easily by for example trying a curl built with OpenSSL instead and see how that runs.

I suspect your issue is with NSS and using PEM files. As this very old RedHat bug hints at least, it only supports RSA [1] and maybe you're not using that?

[1] =;!!PIqRGrUndTen!S3iD6_KJRTt-VH3wG-cR5AHrEkMphl3S0xq5F7-TrWp4f3oaxPkYQ0Sf5CeN$

  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
Please see our privacy statement at for details of how ADVA processes personal information.
Received on 2021-03-25