cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Error "* Initializing NSS with certpath: sql:/etc/pki/nssdb"

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Thu, 25 Feb 2016 16:00:50 +0100

On Thursday 25 February 2016 09:15:37 cnm marketing wrote:
> Hi,
>
> We use two different ports to do libcurl operations on "CentOS release 6.6
> (Final)".
>
> In an internal port A, with "CURLOPT_VERBOSE" on, we got this message "*
> Initializing NSS with certpath: sql:/etc/pki/nssdb" when using url
> "https://xxxx.aaa.com:portA", then program hangs. However, it works if we
> change "https" to "http". In addition, we try "openssl s_client -cipher
> ...." to get cipher information via port A, it fails (timeout) for all the
> cipher returned from "openssl ciphers 'ALL:eNULL' ....".
>
> In another port B, it works for both "https" and "http". When using openssl
> to get cipher info. it also works fine.
>
>
> Thanks,
> cnm

Have you tried to switch the SSL version and/or enabled cipher-suites?

OpenSSL and NSS have different default configuration from each other.

Please have a look at the following options:

https://curl.haxx.se/libcurl/c/CURLOPT_SSLVERSION.html
https://curl.haxx.se/libcurl/c/CURLOPT_SSL_CIPHER_LIST.html

Kamil
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-02-25