cURL / Mailing Lists / curl-library / Single Mail


Re: CA Certificates on Windows

From: Ben Noordhuis <>
Date: Thu, 19 May 2011 16:03:09 +0200

2011/5/19 Michal Lukáč <>:
> I'm using the latest win32 binary of the libcurl library to
> provide a HTTPS backend to a larger application (essentially, just to send a
> POST request to a CGI script and parse a reply). The problem, however, is
> that I can't seem to verify the server's CA certificate.
> Since I'm not using the curl command line tool and the application should be
> distributable without needing to install it, I was looking into options of
> directly feeding the CA certificate to the library. The root certificate is
> stored in windows cert storage, which I understand libcurl with OpenSSL
> cannot directly access. I have tried exporting it as PEM and then using
> CURLOPT_CAINFO to set this certificate as the certificate bundle, but that
> simply fails with error 77 on curl_easy_perform without much explanation
> (setting CURLOPT_CAPATH to NULL or the proper directory makes no
> difference).
> What is the correct way to do this, then?

I would start with some test requests through `openssl s_client` to
check if the PEM file is actually understood by OpenSSL.

List admin:
Received on 2011-05-19