cURL / Mailing Lists / curl-library / Single Mail



From: Václav Zeman <>
Date: Mon, 2 Sep 2013 17:04:47 +0200

On 2 September 2013 16:09, Daniel Stenberg wrote:
> On Mon, 2 Sep 2013, Václav Zeman wrote:
>> I am reading the curl_easy_setopt() documentation and I am reading this
>>> ..."DER" format key file currently does not work because of a bug in
>>> OpenSSL.
>> Is this still true? What version of OpenSSL does it include? All of
>> them? Is there an official OpenSSL bug report for this issue?
> I don't know if this is still true and I don't know if it ever was an
> OpenSSL issue filed. Feel free to dig into the issue and let us know what
> you find! I suspect it hasn't been scrutinized in detail by very many
> people...
> The source of that information is this:
> and it was added to the
> documentation in git commit 23a43c6e.

Alright, I have done some digging and it appears that the missing
functionality has been implemented in later released of OpenSSL. Here
is a quote from OpenSSL 0.9.8y source package's CHANGES file:

Changes between 0.9.7h and 0.9.8 [05 Jul 2005]
  *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1)
     to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file()
     [Walter Goulet]

Here is a link to what appears to be the commit that implemented the
above: <;a=commitdiff;h=dc0ed30cfeb37d64fc2bd26887b19e0898a96bde>

I have not done any actual testing, though.

List admin:
Received on 2013-09-02