curl / Mailing Lists / curl-library / Single Mail


Re: libcurl with openSSL on windows x64 - no certificates?

From: Sergei Nikulov <>
Date: Tue, 17 Jul 2018 15:32:56 +0300

вт, 17 июл. 2018 г. в 15:06, Ivan Pilipenko <

> Good time of the day,
> I have compiled libcurl using the instructions in
> winbuild\BUILD.WINDOWS.txt with the following options:
> nmake /f VC=15 MODE=dll WITH_SSL=dll ENABLE_WINSSL=no
> WITH_DEVEL=../deps
> including the openssl files in the deps directory as described. The build
> runs fine, except that I can't seem to be able to open a TLS encrypted
> connection to my FTP server. The error message is the usual:
> "Peer certificate cannot be authenticated with given CA certificates,
> details: SSL certificate problem: unable to get local issuer certificate".
> On linux I was able to fix it by using the --with-ca-bundle option and
> pointing it the the correct file. On windows however, there doesn't seem to
> be such an option. Using winSSL on windows works, but winSSL requires an
> internet connection to get the revocation list. Our product has to be able
> to also work on a closed network without internet access, so that's a
> no-go. Disabling CLR checking via CURLSSLOPT_NO_REVOKE has also been
> declined, unless it's the last resort.
> I have tried putting an exported ca-certificates.crt from our linux test
> machine to my working directory on the windows machine, hoping libcurl
> would see it, but no dice.
> Where is libcurl with openSSL backend looking for certificates on windows?
Check this thread for more

Received on 2018-07-17