cURL / Mailing Lists / curl-library / Single Mail


Re: Passing memory blocks instead of file names to curl_easy_setopt

From: Mayur Srinivasan <>
Date: Mon, 2 Aug 2010 16:08:13 -0700

Thanks for the reply. Yes, I'm trying to pass in binary data.

As suggested, I've also explored the CURLOPT_SSL_CTX_FUNCTION option, and
managed to get the root certificate read using the PEM_read_bio_X509 API, as
explained in the example:

However, I'm not sure how to read in the client key and certificate using
the *_read_bio_* APIs. Any example to illustrate it would be helpful.


On Mon, Aug 2, 2010 at 3:48 PM, Kamil Dudka <> wrote:

> On Tuesday 03 August 2010 00:30:47 Mayur Srinivasan wrote:
> > Is there a way to setup libcurl to use the root certificate, the client
> > certificate and the client key from memory buffers rather than files?
> > For example:
> > Instead of using file names, I'd like to pass in memory blocks:
> > curl_easy_setopt(m_curl_handle, CURLOPT_SSLCERT, m_pClientCert);
> What does actually contain m_pClientCert? Is it text or binary data? If
> it
> is text, it will be trated as file name (or nickname in case of NSS). If
> it
> is binary data, it may crash badly.
> > curl_easy_setopt(m_curl_handle, CURLOPT_SSLKEY, m_pClientKey);
> > curl_easy_setopt(m_curl_handle, CURLOPT_CAINFO, m_pClientRootCert);
> >
> > I tried this, I get the error: unable to use client certificate (no key
> > found or wrong pass phrase?)
> > The same APIs work if I use file names.
> The documentation sounds clear to me:
> I don't think there is a way to do waht you need through libcurl's API
> enough generically. You can of course try to use the underlying SSL
> library
> directly for that purposes, but your code will depend on the particular
> library and break as soon as libcurl is built on top of different SSL
> library. If you want to play with that, try the following option:
> Kamil

List admin:
Received on 2010-08-03