cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL CERT Verification

From: Ray Satiro via curl-library <curl-library_at_cool.haxx.se>
Date: Mon, 11 Apr 2016 18:44:19 -0400

On 4/11/2016 2:57 AM, Sasikala Raju wrote:
>
> Hello Team,
>
> While establishing connection for https protocol , facing the issue
> with certification although ca bundle have cert required.
>
> It’s happening only in customer environment. Whereas all test
> machines are able to successfully verify the certificate.
>
> Root Certificate required is Entrust Root Certification Authority - G2
> and it does present in CA bundle provided. CA Bundle used in both
> machines is same.
>
> Is there any reason its failing only in specific environment though CA
> bundle is same?
>
>

I can connect to https://edc.commvault.com in libcurl 7.48 using any of
mbedTLS/2.2.1, OpenSSL/1.0.2g, wolfSSL/3.9.0 and WinSSL (Windows 7).
Also fine: libcurl 7.35 using OpenSSL/1.0.1f, and libcurl 7.39 using
OpenSSL/1.0.0s.

I would check again to make sure you're loading the right CA data. See
if your client can connect to https://www.entrust.com which chains up to
the same root CA. Also I would check to make sure that you're really
using the same libcurl and OpenSSL in both cases. I notice you didn't
say what that is. If you give that information to the list someone may
try to reproduce. printf("%s\n",curl_version());

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-04-12