cURL / Mailing Lists / curl-and-php / Single Mail

curl-and-php

Re: CA Bundle problem

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 8 Mar 2011 13:37:39 +0100 (CET)

On Tue, 8 Mar 2011, Devel wrote:

> [root_at_mail apache]# openssl s_client -CAfile /etc/pki/tls/cert.pem -host
> www.paypal.com -port 443

... OpenSSL can verify that host using that ca bundle.

> [root_at_mail apache]# curl -v --cacert /etc/pki/tls/cert.pem
> * Initializing NSS with certpath: /etc/pki/nssdb
> * Peer certificate cannot be authenticated with known CA certificates

... NSS fails to verify that host. This shows curl was built to use NSS for
the SSL stuff and not OpenSSL.

> Where is the problem?

First, as you're using the curl command line tool and not PHP I think the
curl-users list might be a better place to discuss your problem.

Then, you're leaving out a busload of info that we need: what Linux distro is
this? Did you build libcurl yourself or use one from your distro?

-- 
  / daniel.haxx.se
_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php

Received on 2011-03-08

This message: [ Message body ]
Next message: Devel: "Re: CA Bundle problem"
Previous message: Devel: "CA Bundle problem"
In reply to: Devel: "CA Bundle problem"
Next in thread: Devel: "Re: CA Bundle problem"
Reply: Devel: "Re: CA Bundle problem"
Reply: Devel: "[Solved] Re: CA Bundle problem"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]