cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Curl ES 60: Invalid certificate chain on MacOS 10.10.3 (Yosemite)

From: Vadim Grinshpun <vgrinshp_at_akamai.com>
Date: Fri, 08 May 2015 08:23:17 -0400

Hi,
This snippet from CURLOPT_CAPATH doc might be relevant:

"If libcurl is built against OpenSSL, the certificate directory must be
prepared using the openssl c_rehash utility. "

HTH,
-Vadim

On 5/8/15 2:39 AM, Volker Schmid wrote:
> Hello all,
>
> I have a specific problem at a customer. Our software is calling a
> https:// domain using libcurl. No proxy. The system states curl 7.30.0.
>
> We are calling a page that is definitely having a valid certificate
> including a valid chain. It is not self signed. It is signed by COMODO
> using a wildcard certificate. Several online testers stated a valid
> certificate and chain.
>
> We set the certificates keychain using CURLOPT_CAPATH to
> /System/Library/Keychains/ and we also made sure this path exists. It
> seems that other pages are working well but not this one. Calling the
> same URL in Safari works with no problems.
>
> Three other customers with Yosemite do not report this problem (works
> so far). One customer reports the problem.
>
> Any idea?
>
> Best,
>
> Volker
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-05-08