cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: VERIFYPEER, -k, --insecure, etc.

From: Ryan Graciano <rmgraci_at_gmail.com>
Date: Wed, 17 Sep 2008 17:21:11 -0500

Thanks Dan. It does look like it changes. It used to be "curl:
(35)", and now it's "curl: (58)".

* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Request CERT (13):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS handshake, CERT verify (15):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS alert, Server hello (2):
* error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
* Closing connection #0
curl: (58) error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

On Wed, Sep 17, 2008 at 1:24 PM, Dan Fandrich <dan_at_coneharvesters.com> wrote:
> On Wed, Sep 17, 2008 at 01:11:44PM -0500, Ryan Graciano wrote:
>> Thanks for your help Dan. This has been a difficult issue to run down.
>>
>> I'm able to compile OpenSSL, but I can't replace the version I already
>> have. It should be fine for them to coexist just for testing, though.
>> Is there any easy way for me to tell cURL to use the new version?
>> Our cURL seems to be compiled to look for libssl.so. Do I need to
>> compile a new cURL that uses the static lib instead, or is there some
>> environment variable or something like that I can use to redirect it
>> to the correct libs?
>
> The patch I supplied was for curl, BTW, not OpenSSL. There's a section
> in the INSTALL document on compiling with OpenSSL. Briefly, set
> PKG_CONFIG_PATH appropriately, use "--with-ssl" on the configure command
> line, and make sure pkg-config is present. Linking statically with
> OpenSSL isn't supported by default. You can just link dynamically and
> then set LD_LIBRARY_PATH to the new OpenSSL libraries.
>
>>>> Dan
> --
> http://www.MoveAnnouncer.com The web change of address service
> Let webmasters know that your web site has moved
>
Received on 2008-09-18