cURL / Mailing Lists / curl-library / Single Mail


Re: curl_easy_perform() fails with "Problem with the SSL CA cert (path? access rights?)" after first time calling this routine

From: Yang Tse <>
Date: Fri, 15 Mar 2013 20:14:32 +0100

On Fri, Mar 15, 2013 at 7:59 PM, cnm marketing <> wrote:

>>error:0506706E:Diffie-Hellman routines:GENERATE_KEY:key size too small
> 1. When libcurl uses Diffie-Hellman, does libcurl hardcode the
> Diffie-Hellman key and the length?
> 2. Does libcurl have an option that allow libcurl user to re-set the
> Diffie-Hellman key length?
> We are still wondering (90% convinced) whether the error message has
> something to do with the openssl that is getting loaded from another layer.
> When the openssl is being loaded by another layer, libcurl is trying to use
> that openssl context and find the key size (set by libcurl) is too small
> compare to the key set by another layer.

libcurl does not fool around with certificate contents nor keys.

The problem is in the certificate you are using which does not have a
long enough Diffie-Hellman key.

List admin:
Received on 2013-03-15