cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Latest PEM file is not trusting yahoo.com and many other sites.

From: Arif Ali <arif.ali.syed_at_gmail.com>
Date: Tue, 9 Dec 2014 14:41:13 +0530

I have also tried mk-ca-bundle tool and created a latest pem file but
result is same.

C:\Users\arifs\Desktop\curl-7.39.0\lib>perl mk-ca-bundle.pl sc.pem
Warning: Use of this script may pose some risk, -d risk for more details.
SHA1 of old file: 0
Downloading 'certdata.txt' ...
Get certdata over HTTPS with curl!
  % Total % Received % Xferd Average Speed Time Time Time
 Current
                                 Dload Upload Total Spent Left
 Speed
100 1595k 100 1595k 0 0 215k 0 0:00:07 0:00:07 --:--:--
 370k
SHA1 of new file: c4540021427a6fa29e5f50db9f12d48c97d33889
Processing 'certdata.txt' ...
Done (153 CA certs processed, 41 skipped).

C:\Users\arifs\Desktop\curl-7.39.0\lib>

-Arif

On Tue, Dec 9, 2014 at 2:18 PM, Arif Ali <arif.ali.syed_at_gmail.com> wrote:

> Hello,
> I am using PEM file and following set of APIs on my windows-app.
>
> curl_easy_setopt( curl_handle, CURLOPT_SSLCERTTYPE,"PEM" );
> curl_easy_setopt( curl_handle, CURLOPT_CAINFO, certFile ); //CA Cert
> Bundle
> curl_easy_setopt( curl_handle, CURLOPT_SSL_VERIFYPEER, 1 );
> curl_easy_setopt( curl_handle, CURLOPT_SSL_VERIFYHOST, 1 );
>
>
> Its not trusting the certificates of https://in.yahoo.com/ and one more
> https site.
> If i open both of these sites in firefox it does open
>
> Certificate issuer for both websites that are not opening are following
>
>
> Yahoo => VeriSign Class 3 Secure Server CA - G3
> Another HTTPS site => Entrust Certification Authority - L1C
>
> I have taken the latest PEM file from
> http://curl.haxx.se/docs/caextract.html
>
>
>
>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-12-09