On Wed, 5 Mar 2003, WL Reyes- Bruce wrote:

> > Try setting CURLOPT_SSL_VERIFYHOST to 1 or even 0 as a test. That's what
> > the curl tool does when -k/--insecure is used.
>
> [Wina responds] I added that after setting the CURLOPT_SSL_VERIFYPEER to
> FALSE and it worked. Now I get the HTML page.

Then, can you again set it to 1 and use CURLOPT_ERRORBUFFER to get the error
message as well? I think it'll pinpoint the cause of this a little better.

The error seems to indicate a problem with the server certificate.

> [Wina responds] Now I just need to figure out how to set it to work with
> this server certificate. What is the expected format for the CURLOPT_CAINFO
> file? I tried using PEM format, but the verification failed.

It is PEM formatted. Check out the lib/ca-bundle.crt file to see how the
distributed bundle looks like.

> Can you point me to a more complete example of how to use CURLOPT_CAINFO? I
> do need the verification part, otherwise it is not as secure.

Check out how the curl tool code uses it: src/main.c

-- 
 Daniel Stenberg -- curl, cURL, Curl, CURL. Groks URLs.
-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost and 
disoriented. TotalView can help you find your way. Available on major UNIX 
and Linux platforms. Try it free. www.etnus.com