cURL / Mailing Lists / curl-library / Single Mail


Re: BADCERT_NOT_TRUSTED error with mbedTLS

From: Thomas Glanzmann <>
Date: Wed, 30 Dec 2015 09:17:58 +0100

Hello Ray,
first of all good news. This morning the branch
origin/iotssl-541-pathlen-bugfix was merged. Making you error go away.
However I found at least on other cert still not working.

> I don't know why you are seeing --cacert only accepting a single
> certificate. I have searched the curl repo and I can't find that. And I
> don't believe that's correct for mbedTLS. When we supply a certificate
> bundle via mbedtls_x509_crt_parse_file it should load all the certs in the
> bundle into the list.

And you're right. This works, too.

(infra) [/tmp/testing/mbedtls] ../local/linux/bin/curl --cacert ca-bundle.crt -Ss
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>

List admin:
Received on 2015-12-30