cURL / Mailing Lists / curl-library / Single Mail

curl-library

Connecting using client certificates

From: plot.lost <plot.lost_at_gmail.com>
Date: Mon, 21 Mar 2011 20:07:00 +0400

I am trying to connect to a systems (https) that requires client
certificates, using the curl_easy interface.

I think I've set the required options (CURLOPT_SSLCERT and
CURLOPT_SSLKEY) but the connection gets rejected.

According to the system I am connecting to, it's because the client
certificate "does not have the chaining setup. The Root and CA should be
trusted"

Now, I thought that the server held these and uses them to verify the
client certificate. If that is not the case, does anyone have any clues
as to what I need to do? I've tried adding the CA and Root certificates
into the same file that holds the client certificate, that made no
difference. Is there an additional curl_easy_setopt that needs to be
done to add this "chaining setup"?

I can confirm that the client certificate has been signed by the correct
CA, but for some reason the system rejects the connection and this is
the reason they give.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-03-21

This message: [ Message body ]
Next message: Ben Noordhuis: "Re: Connecting using client certificates"
Previous message: chirayu joshi: "Re: Stall when uploading to sftp using multi interface"
Next in thread: Ben Noordhuis: "Re: Connecting using client certificates"
Reply: Ben Noordhuis: "Re: Connecting using client certificates"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]