cURL / Mailing Lists / curl-library / Single Mail

curl-library

Using a client certificate when doing SSL

From: Adrian Michel <adrian_at_amichel.com>
Date: Thu, 28 Jan 2010 06:37:47 -0800

Hi,

My app uses libcurl to make https requests based on this example
http://curl.haxx.se/libcurl/c/https.html and I do not use a client side
certificate. My goal is not to authenticate the server, as I also control
the server side, but to ensure the requests and responses are encrypted. I'm
wondering though if not having a client side certificate could make the
application less secure, or have any other unintended consequences.

Also, when using a client certificate with libcurl, is there a way to pass
it from memory instead of a file? Or is it required by the standards that
the cert must be in a file? It would make deployment simpler if the cert was
in a resource inside the executable.

Thanks,

Adrian

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-01-28