Re: cert verification problem on curl handle re-use
Date: Sun, 20 Jan 2013 15:14:23 +0100
On 20-01-13 13:17, Michael Barton wrote:
> I'm having a problem with libcurl that so far seems to only happen on
> CentOS/RHEL 5.8 (libcurl 7.15.5 and openssl 0.9.8e). The first https
> request I make on a curl handle succeeds, but all subsequent requests give
> me a cert verification failure. If I disable CURLOPT_SSL_VERIFYHOST or
> make a new curl handle for each request, everything works fine. But
> obviously I'd prefer to avoid those. If anyone has ideas on fixing this,
> I'd love to hear them.
> This is enough to reproduce the problem:
> - Mike
This site is a bad example. I'm getting a 404 when I try that link. I
believe the first call worked, the other 5 subsequent calls didn't. This
could be a side effect of this URL.
I change to my work's URL being "https://www.nikhef.nl/" and it worked on my
laptop. So your code should've worked too, but my libcurl is 7.28-1 and
using DarwinSSL at the moment.
I moved it to my CentOS 5 VM and observe the exact same problem. I'm using
the same stock libcurl version there and indeed something is not right. My
second call to my URL failed.
I believe the OpenSSL context is not reset properly or something along those
lines in the version curl-7.15.5-15.el5.
My intermediate conclusion is that this problem is solved in a future
version of libcurl.
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature