Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Re: Help Understanding curl and tls/ssl certificates
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Michael Newman via curl-users <curl-users_at_lists.haxx.se>
Date: Thu, 20 Jun 2024 15:50:00 +0700
Ah, there’s just one more thing.
After I fixed the url scheme on the Pies, I got this error:
* Connected to mgnewman.com (192.254.225.101) port 22 (#0)
* SSH MD5 fingerprint: 4b17cad500a405c850e118c1deec0f96
* SSH host check: 2, key: <none>
So, I used ssh-keyscan to update my known_hosts file. Now it works. But I still have to wonder how it worked before? I guess because curl was using ftp rather than sftp.
The mind boggles a bit.
> On Jun 20, 2024, at 2:55 PM, Dan Fandrich via curl-users <curl-users_at_lists.haxx.se> wrote:
>
> On Thu, Jun 20, 2024 at 02:36:27PM +0700, Michael Newman via curl-users wrote:
>> The URL I was using is this: host=sftp://ftp.mgnewman.com/~/public_html/
>>
>> If I use this instead: host=sftp://mgnewman.com/~/public_html/
>>
>> Then the error message ("curl failed to verify the legitimacy of the server….”)
>> goes away.
>>
>> I don’t understand why I was able to use the “wrong” url scheme for years
>> without ever getting an error message. What could have caused the error to just
>> suddenly appear the day before yesterday?
>
> Actually, I just realized I read the port number in the error message wrong
> (port 22 is ssh/sftp but I read 21 which is ftp/ftps). So, the command was
> actually using the right protocol. curl will talk ftp to a host name starting
> with ftp if a scheme isn't given, which is what I thought might be happening.
> By providing the sftp: scheme curl will stop guessing and do sftp.
>
> The fact that you got different results at different times implies that they
> were doing some kind of work on the servers. But maybe they were working on the
> ftp servers and didn't expect sftp clients to be using them. In any case, I'm
> glad you got the problem solved.
>
> Dan
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users
> Etiquette: https://curl.se/mail/etiquette.html
Received on 2024-06-20
Date: Thu, 20 Jun 2024 15:50:00 +0700
Ah, there’s just one more thing.
After I fixed the url scheme on the Pies, I got this error:
* Connected to mgnewman.com (192.254.225.101) port 22 (#0)
* SSH MD5 fingerprint: 4b17cad500a405c850e118c1deec0f96
* SSH host check: 2, key: <none>
So, I used ssh-keyscan to update my known_hosts file. Now it works. But I still have to wonder how it worked before? I guess because curl was using ftp rather than sftp.
The mind boggles a bit.
> On Jun 20, 2024, at 2:55 PM, Dan Fandrich via curl-users <curl-users_at_lists.haxx.se> wrote:
>
> On Thu, Jun 20, 2024 at 02:36:27PM +0700, Michael Newman via curl-users wrote:
>> The URL I was using is this: host=sftp://ftp.mgnewman.com/~/public_html/
>>
>> If I use this instead: host=sftp://mgnewman.com/~/public_html/
>>
>> Then the error message ("curl failed to verify the legitimacy of the server….”)
>> goes away.
>>
>> I don’t understand why I was able to use the “wrong” url scheme for years
>> without ever getting an error message. What could have caused the error to just
>> suddenly appear the day before yesterday?
>
> Actually, I just realized I read the port number in the error message wrong
> (port 22 is ssh/sftp but I read 21 which is ftp/ftps). So, the command was
> actually using the right protocol. curl will talk ftp to a host name starting
> with ftp if a scheme isn't given, which is what I thought might be happening.
> By providing the sftp: scheme curl will stop guessing and do sftp.
>
> The fact that you got different results at different times implies that they
> were doing some kind of work on the servers. But maybe they were working on the
> ftp servers and didn't expect sftp clients to be using them. In any case, I'm
> glad you got the problem solved.
>
> Dan
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users
> Etiquette: https://curl.se/mail/etiquette.html
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users Etiquette: https://curl.se/mail/etiquette.html
- application/pkcs7-signature attachment: smime.p7s