curl / Mailing Lists / curl-library / Single Mail



From: Daniel Stenberg via curl-library <>
Date: Fri, 12 Apr 2019 17:20:13 +0200 (CEST)

On Fri, 12 Apr 2019, Lou, Liang Shan (SDCC) via curl-library wrote:

> I meet a problem when using libcurl. I upgrade my libcurl from
> libcurl-7.56.1-WF.0.0.x86_586 to libcurl-7.56.1-WF.1.0.x86_586

None of those version strings returned even a single hit on google. A pretty
rare combo... Where do they come from?

> and when I set the option CURLOPT_SSL_VERIFYPEER as 1L, and call the
> function curl_easy_perform, the return value is CURLE_SSL_CACERT_BADFILE. I
> am confused with this problem.

The libcurl-errors man page explains this as:

   Problem with reading the SSL CA cert (path? access rights?)

> When I investigate on the internet, someone says that it is due to the
> upgrade of libcurl, and needs to restart the server.

That seems very unlikely. I presume you use a libcurl built to use OpenSSL?
Then it is the loading of the CA cert file/dir that failed.

> curl_easy_setopt(curl, CURLOPT_CAPATH, "/usr/cont/etc/security/cert/");
> curl_easy_setopt(curl, CURLOPT_CAINFO, "/usr/cont/etc/security/cert/fxpca.pem");

Usually you don't set both of these. You typically have *either* a directory
of certs or a PEM file with them all.

> IMPORTANT NOTE: Fuji Xerox email transmission, including any attachments, is
> private and confidential

PS: It isn't very private and confidential when you post it to a public
mailing list with thousands of subscribers.

Received on 2019-04-12