curl-library
Re: ASN1 (DER) key does not work
Date: Thu, 13 May 2004 17:52:29 -0700
Daniel,
Can we fix this? There are two options:
a.) To try SSL_CTX_use_RSAPrivateKey_file function and see if it works
with both PEM and DER encoded private keys.
b.) Remove support for DER from curl, since it looks like it was never
tested.
I can work on this, if you are interested. Let me know?
Regards
-Seshubabu Pasam
Seshubabu Pasam wrote:
>
> Hi there,
>
> I am trying to use ASN1 (DER) encoded private key file and client
> certificate. libCurl fails with error:
>
> unable to set private key file: 'client-key.der' type DER
>
> I was checking to see what went wrong. Curl calls
> SSL_CTX_use_PrivateKey_file to set the private key. Looks like this
> function does not support ASN1 encoding. Here is the code snippet from
> OpenSSL.
>
> if (type == SSL_FILETYPE_PEM) {
> ...
> } else {
> SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
> goto end;
> }
>
> Curl should probably use SSL_CTX_use_RSAPrivateKey_file which supports
> both PEM and DER. I am not sure about the downside of using this
> function! May be it just supports (RSA and not DSA?) Comments?
>
> Regards
> -Seshubabu Pasam
>
Received on 2004-05-14