cURL / Mailing Lists / curl-library / Single Mail


Re: curl_easy_perform() fails with "Problem with the SSL CA cert (path? access rights?)" after first time calling this routine

From: Yang Tse <>
Date: Sat, 16 Mar 2013 01:58:39 +0100

On Fri, Mar 15, 2013 at 9:26 PM, cnm marketing <> wrote:

>>The problem is in the certificate you are using which does not have a long
>> enough Diffie-Hellman key.
> [cnm] I don't understand what you are refering to, please give a bit more
> details.

Assuming that the certificate file you are using is
'/usr/temp/cert.pem' and that you have openssl installed you can
verify DH parameters running following command:

openssl dhparam -in /usr/temp/cert.pem -noout -text

If it has DH parameters you should see output similar to:

PKCS#3 DH Parameters: (1024 bit)
    generator: 2 (0x2)

If yours does not have DH Parameters or these are less than (1024
bit), ask whoever provided you with cert.pem to give you another PEM
file which includes 1024 bit DH parameters.


List admin:
Received on 2013-03-16