Download
Browse source Changelog
Documentation
Project   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users curl-announce curl-commits Etiquette
Development
Autobuilds Code Style Contribute Internals Release Notes Release Procedure Roadmap Run Tests Security Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL certificate problem: Invalid certificate when changing iOS locale

From: Artem Polyakov via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 11 Apr 2017 17:21:26 +0300

I use specific HTTPS portals. But it's not only one website
It happens only on iOS
I use curl 7.53.1 with openssl 1.0.2j

draft sample code:
curl_easy_setopt(handle, CURLOPT_PORT, port);
curl_easy_setopt(handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
curl_easy_setopt(handle, CURLOPT_SSL_CIPHER_LIST, "AES128-SHA:AES256-SHA");
curl_easy_setopt(handle, CURLOPT_CAINFO, "PATH_GOES_HERE");
curl_easy_setopt(handle, CURLOPT_SSL_VERIFYPEER, 1L);
curl_easy_setopt(handle, CURLOPT_SSL_VERIFYHOST, 2L);
curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, curl_errorbuf);
curl_easy_setopt(handle, CURLOPT_URL, url);
curl_easy_setopt(handle, CURLOPT_NOSIGNAL, 1);
curl_easy_setopt(handle, CURLOPT_CONNECTTIMEOUT, ConnectTimeOut);
curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, CurlWriteFunc);
curl_easy_setopt(handle, CURLOPT_WRITEDATA, (void *)(response));
curl_easy_setopt(handle, CURLOPT_POSTFIELDS, request);
curl_easy_setopt(handle, CURLOPT_HTTPHEADER, slist);
curl_easy_setopt(handle, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_easy_setopt(handle, CURLOPT_USERPWD, "PASSWORD_GOES_HERE");
curl_easy_setopt(handle, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_easy_setopt(handle, CURLOPT_TIMEOUT, TimeOut)
rc = curl_easy_perform(handle)

thanks

2017-04-11 16:36 GMT+03:00 Daniel Stenberg <daniel_at_haxx.se>:

> On Tue, 11 Apr 2017, Artem Polyakov via curl-library wrote:
>
> Any ideas why following happens: when curl verifies server certificate
>> agains local storage (base certificates file attached) it fails with error
>> 60 when iOS locale is set to Japanese. With English locale everything is
>> fine, although the same certificate file is used.
>>
>
> Oh wow. What curl version are you trying this with? Is this only happening
> on iOS and not macOS? I presume you've built your curl to use Secure
> Transport for TLS? Does it fail only against a particular site or is it
> happening for more?
>
> - Certificate file upgrade from https://curl.haxx.se/ca/cacert.pem helps
>>
>
> Only adds to the mystery for me... =)
>
> --
>
> / daniel.haxx.se
> 

-- 
Artem Polyakov | Lead Software Engineer
GlobalLogic
P +380322448347 M +380913275432  S polyakovartem
www.globallogic.com
<http://www.globallogic.com/>
http://www.globallogic.com/email_disclaimer.txt

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-04-11