cURL / Mailing Lists / curl-library / Single Mail


Re: cert verification problem on curl handle re-use

From: Michael Barton <>
Date: Wed, 23 Jan 2013 04:59:50 -0600

On Jan 22, 2013, at 3:45 PM, Daniel Stenberg wrote:

> If you truly want to find the problem or perhaps the subsequent fix in curl, then I'd recommend building a more modern version from source and see if it works with the same OpenSSL version. Then bisect your way back to the breakage.

Good idea.

"curl_easy_reset() now resets the CA bundle path correctly"

Sounds right. And if I manually set CURLOPT_CAINFO after a curl_easy_reset, it starts working.

Unfortunately, there doesn't seem to be any way to get at the cert file curl should be using. I may just detect that specific version of libcurl and set the CAINFO to "/etc/pki/tls/certs/ca-bundle.crt" and hope for the best.

> Personally I'm not able to bother about bugs in very old curl releases.

Understandable. I was just hoping it was a known problem with a workaround, since RHEL/CentOS 5 is still widely deployed (apparently by a bunch of my users).

- Mike

List admin:
Received on 2013-01-23