cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Cipher List setting in Https Request

From: Dan Fandrich <dan_at_coneharvesters.com>
Date: Mon, 16 Jun 2014 15:32:40 +0200

On Sun, Jun 15, 2014 at 09:47:01PM +0800, Woods wrote:
> I use Curl Library C API to request a Https Url, but got an error of "Empty
> reply from server". So I used standard Curl command to request the same Url,
> and get correct result. I noticed that a major difference from the dump out
> information is that different Cipher algorithm is used. So that I change my
> code by setting RC4-MD5 as in the cipher list, and the request becomes correct.
>
> I don't feel I perfectly fix the problem since this is a bit like hard coding.
> Is there an automatic way letting curl to negotiate and choose proper cipher
> method? Thanks for your advice.

There is, and it's used by default. RC4 is considered insecure, so recent
curl releases have disabled it. The right solution is to change the server
to allow a secure encryption method.

>>> Dan
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-06-16