curl-library
curl command line option to ignore Subject validation
Date: Thu, 17 Dec 2015 05:25:55 +0000
Hi All,
I ve upgraded CURL from 7.30 to 7.46.
But here I'm facing one issue in one of the curl command line execution.
In version 7.30 below command works fine for me:
curl -s -k -m 10 -w "\n%{http_code}" http://localhost:8080/logo.gif
Whereas when I upgraded curl to 7.46 same command failed due to CN validation with below error:
curl -vi -s -k -m 10 -w "\n%{http_code}" https://localhost:8443/logo.gif
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 8443 (#0)
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: C=IN; O=abc; OU=Aricent; CN=vm418.abc.com; ST=Haryana; L=Gurgaon
* start date: Dec 12 04:27:29 2015 GMT
* expire date: Dec 10 04:27:28 2020 GMT
* SSL: certificate subject name 'vm418.abc.com' does not match target host name 'localhost'
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
Could you please provide me an option so that I can go ahead without CN validation?
Also let me know in which version these changes are introduced.
Regards
Gaurav
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-12-17