cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: curl_easy_perform() fails with "Problem with the SSL CA cert (path? access rights?)" after first time calling this routine

From: Oscar Koeroo <okoeroo_at_nikhef.nl>
Date: Fri, 15 Mar 2013 23:07:18 +0100

On 15-03-13 21:26, cnm marketing wrote:
>>/error:0506706E:Diffie-Hellman routines:GENERATE_KEY:key size too small /
>>libcurl does not fool around with certificate contents nor keys.
> [cnm] libcurl uses openssl, that error message comes from openssl.
>>The problem is in the certificate you are using which does not have a
> long enough Diffie-Hellman key.
> [cnm] I don't understand what you are refering to, please give a bit
> more details. When we use libcurl, we don't set Diffie-Hellman key. We
> are getting the same Diffie-Hellman error message for both
> CURLOPT_SSL_VERIFYPEER to 1 and CURLOPT_SSL_VERIFYPEER to 0. Please
> refer to my previous email thread!!

If you desire assistance in this matter, it would be helpful to follow
the email thread composition guide lines (no top posting) and have a
look at the link presented by Daniel as a first reply in the thread.

May I also point out that there are no other options than
CURLOPT_SSL_VERIFYPEER 0 and 1. We can safely rule out this to be of any
factor in this matter.

The source of the problem is described on the page earlier, at the
bottom of the page there are the first hints about possible solutions
even of which I give it a very high likely hood that this is exactly
what you are facing here.

With respect to the dlopen()/dlsym()/dlclose() being the only way to
load libcurl, I think this is sheer a design choice.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

Received on 2013-03-15