curl-library

libcurl with Darwin SSL and self-signed certificates

From: Arun Victor <AVictor_at_flexerasoftware.com>
Date: Fri, 16 Aug 2013 16:46:40 +0000

Hi all,

I've built libcurl with Darwin SSL (configured with the '--with-darwinssl' option). The sunny-day scenarios of using trusted certificates work just fine. The problem is that it does not seem to recognize self-signed certificates - I get a -9824 error (errSSLPeerHandshakeFail) from the Mac OS X Security / Secure Transport framework. Has anyone tried this successfully, i.e. used libcurl with Darwin SSL and self-signed certs?

This is what I've done to import the cert into the Security Keychain:

1. Opened Keychain Access and imported the cert (in .pem format with ---BEGIN CERTIFICATE---, ---END CERTIFICATE--- tags) to 'System' and 'login' Keychains.

2. I read a post that said it needs to be in the X509Anchors Keychain, which I did not see. So I created a new Keychain called 'X509Anchors' and imported it into that Keychain as well.

3. Opened my self-signed certificate in Keychain Access, expanded the 'Trust' section, and selected 'Always Trust'.

4. Read about deleting ~/Library/Preferences/com.apple.security.* and did that.

Thanks,
Arun.

Received on 2013-08-16