curl-library
libcurl SSL Certificate fingerprint
From: Padam J Singh <me_at_padamj.com>
Date: Mon, 09 Apr 2007 11:28:44 +0530
I am trying to build an application using libcurl that connects to a server using https that has a self signed certificate.
What I am trying to do is that the first time the application connects to the server, it stores the certificate fingerprint (md5 or sha1) of the certificate. Every time a SSL connection is made I would check if the fingerprint has changed.
I have been experimenting with CURLOPT_SSL_CTX_FUNCTION, but with no success. I have compiled libcurl with OpenSSL support and have tested it to work with VERIFY_PEER and VERIFY_HOST turned off.
So in the end, how to do I intercept the verification process, and compare the fingerprints?
Any help in this direction would be great...
Thanks,
Padam.
Received on 2007-04-09
Date: Mon, 09 Apr 2007 11:28:44 +0530
I am trying to build an application using libcurl that connects to a server using https that has a self signed certificate.
What I am trying to do is that the first time the application connects to the server, it stores the certificate fingerprint (md5 or sha1) of the certificate. Every time a SSL connection is made I would check if the fingerprint has changed.
I have been experimenting with CURLOPT_SSL_CTX_FUNCTION, but with no success. I have compiled libcurl with OpenSSL support and have tested it to work with VERIFY_PEER and VERIFY_HOST turned off.
So in the end, how to do I intercept the verification process, and compare the fingerprints?
Any help in this direction would be great...
Thanks,
Padam.
Received on 2007-04-09