cURL / Mailing Lists / curl-library / Single Mail


Re: HTTPS fetch using client-cert?

From: Daniel Stenberg <>
Date: Mon, 30 Oct 2000 08:44:40 +0100 (MET)

On Sun, 29 Oct 2000, Scott Cantor wrote:

> Has anybody had success using the curl -E option (or libcurl equivalent) to
> generate an HTTPS request with a client-side cert?

Yes. I have, and I've heard others too.

> I'm getting a generic "couldn't use certificate!" error, but nothing
> specific logged from the SSL_cert_stuff function in ssluse.c

I guess there's room for improvement in the area of error reporting on SSL.

> After looking at the code in that function, it looks to me like the code
> is expecting a single file to contain both the certificate and the RSA
> private key, which seems odd to me.

This is also stated in the docs. It is a little odd, I agree. I just never
got around to add support to specify them in two files. (I don't want to
waste another short-option why I want it to somehow be a format for the -E

> It might be possible to get OpenSSL to do that (don't know how) but
> ordinarily one wouldn't anyway.

They're two ASCII files. You can easily merge them with 'cat one two >three'.

  Daniel Stenberg -- curl project maintainer --
Curl-library mailing list
Received on 2000-10-30