curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: peer certificate cannot be authenticated: osx works, windows doesn't

From: moparisthebest via curl-library <curl-library_at_cool.haxx.se>
Date: Mon, 6 Nov 2017 16:16:19 -0500

Hi,

On 11/06/2017 10:38 AM, Thomas Blom via curl-library wrote:
> Using curl 7.56.0, built against openssl-1.0.2l, I am using
> curl_easy_perform() to post to a server and receive results into a file
> using the CURLOPT_WRITEDATA and an open file handle.

Just as another option here, you could pin the public key and ignore any
CAs or bundles:

https://curl.haxx.se/libcurl/c/CURLOPT_PINNEDPUBLICKEY.html

Keep in mind when you renew your cert you'd have to use the same key.

Or if only this curl app is accessing it and nothing else, self-signed
works equally well and you don't need to worry about expiration or
anything else. You would only be trusting the key is the same.

Thanks,
moparisthebest
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-11-06