-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>Date: Fri, 16 Feb 2007 22:19:34 +0100 (CET)
>From: Daniel Stenberg <daniel_at_haxx.se>
>
>On Fri, 16 Feb 2007, Alexander Belchenko wrote:
>
>> c.setopt(c.SSLCERT, "cacert.pem")
>
>That's the wrong option, you don't want to set it to be a client cert. You
>want the CAINFO option.
>
>And BTW, there _is_ a ca cert bundle in the curl source code package.

OK. I download curl source code archive and found ca-bundle.crt file.
I copy this file to the directory with my testing script.
I'm also change my script to use CAINFO option:

t = Test()
c = pycurl.Curl()
c.setopt(c.URL, 'https://launchpad.net')
c.setopt(c.WRITEFUNCTION, t.body_callback)
c.setopt(c.CAINFO, 'ca-bundle.crt')
c.perform()
c.close()

Now it works. Thank you.

But when I don't pass this option in my script I anyway have the same error
about certificate problem.

I read this page: http://curl.haxx.se/docs/sslcerts.html
and section 4 says that curl library will find certificate bundle file
automatically. Unfortunately pycurl on my Windows don't want to automatically
find cert bundle.

I try this variants with no luck:
* rename ca-bundle.crt to curl-ca-bundle.crt
* rename curl-ca-bundle.crt to curl_ca_bundle.crt
* set environment variable CURL_CA_BUNDLE=full/path/to/curl-ca-bundle.crt
* copy curl-ca-bundle.crt to C:\Windows\system32

Does this means that I always need to specify bundle file manually?
Or it's a bug in pycurl? Or it's a bug in windows version of pycurl?

- --
Alexander

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF105zzYr338mxwCURAvtCAJ9Wd8s9JjFpE8L3QFzN/X8yO99dmQCfedS5
LwtWDahfpJJmv7nQJ9B5BTM=
=OXB5
-----END PGP SIGNATURE-----
_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-python
Received on 2007-02-17