curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

[libcurl][openssh][x64-uwp] cannot set certification verify locations

From: Feng LI via curl-library <curl-library_at_cool.haxx.se>
Date: Sat, 30 May 2020 08:57:15 -0700

Hi guys,

I'm installing libcurl with openssl support from vcpkg for UWP. But the
CURLOPT_CAINFO cannot be set correctly ("error setting certificate verify
location"). Just wondering if someone can help on this. I think this might
be a bug for UWP only, since the x64-windows build is working as expected.

Describe the bug

The x64-uwp build for curl, will fail with

curl_easy_setopt(curl, CURLOPT_CAINFO, cainfo.c_str()); curl_easy_perform(...);

Error message:

* error setting certificate verify locations:
  CAfile: C:\Users\okidogii\AppData\Local\Packages\df268f7d-b5b4-4991-9c68-8120a7b392bb_75cr2b68sm664\LocalState\cacert.pem
  CApath: none
* Marked for [closure]: Failed HTTPS connection

vcpkg install curl[http2,ssl,openssl,ssh] --triplet x64-uwp
vcpkg integrate install

cacert.pem is downloaded recently from curl website. And the x64-windows
version with openssl is working as expected.

Environment

   - OS: Windows (uwp)
   - Compiler: VS2019

To Reproduce
Steps to reproduce the behavior:

use [vcpkg](https://github.com/Microsoft/vcpkg) to build x64-uwp

1. vcpkg install curl[http2,ssl,openssl,ssh] --triplet x64-uwp
2. vcpkg integrate install

        FILE* stream;

        // change path to your app's LocalState folder.
        std::string path =
"C:\\Users\\okidogii\\AppData\\Local\\Packages\\df268f7d-b5b4-4991-9c68-8120a7b392bb_75cr2b68sm664\\LocalState\\stream.txt";
        if ((stream = freopen(path.c_str(), "w", stderr)) == NULL)
            exit(-1);

        curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
        curl_easy_setopt(curl, CURLOPT_URL, "https://curl.haxx.se");

        // change path to your app's LocalState folder.
        std::string cainfo =
"C:\\Users\\okidogii\\AppData\\Local\\Packages\\df268f7d-b5b4-4991-9c68-8120a7b392bb_75cr2b68sm664\\LocalState\\cacert.pem";

        curl_easy_setopt(curl, CURLOPT_CAINFO, cainfo.c_str());
        res = curl_easy_perform(curl); /* always cleanup */
        curl_easy_cleanup(curl);

Expected behavior
curl can set the cainfo correctly.

Failure logs

* STATE: INIT => CONNECT handle 0x245847addd8; line 1605 (connection #-5000)
* Added connection 0. The cache now contains 1 members
* STATE: CONNECT => WAITRESOLVE handle 0x245847addd8; line 1646 (connection #0)
* Trying 151.101.54.49:443...
* TCP_NODELAY set
* STATE: WAITRESOLVE => WAITCONNECT handle 0x245847addd8; line 1725
(connection #0)
* Connected to curl.haxx.se (151.101.54.49) port 443 (#0)
* STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x245847addd8; line
1781 (connection #0)
* Marked for [keep alive]: HTTP default
* ALPN, offering h2
* ALPN, offering http/1.1
* error setting certificate verify locations:
  CAfile: C:\Users\okidogii\AppData\Local\Packages\df268f7d-b5b4-4991-9c68-8120a7b392bb_75cr2b68sm664\LocalState\cacert.pem
  CApath: none
* Marked for [closure]: Failed HTTPS connection
* multi_done
* Closing connection 0
* The cache now contains 0 members
* Expire cleared (transfer 0x245847addd8)

  ./vcpkg.exe list
curl:x64-uwp 7.68.0-3 A
library for transferring data with URLs
curl[http2]:x64-uwp
HTTP2 support
curl[non-http]:x64-uwp
Enables protocols beyond HTTP/HTTPS/HTTP2
curl[openssl]:x64-uwp
SSL support (OpenSSL)
curl[ssh]:x64-uwp
SSH support via libssh2
curl[ssl]:x64-uwp
Default SSL backend
libssh2:x64-uwp 1.9.0
The SSH library
nghttp2:x64-uwp 1.39.2-1
Implementation of the Hypertext Transfer Protoco...
openssl-uwp:x64-uwp 1.1.1d-1
OpenSSL is an open source project that provides ...
openssl:x64-uwp 1.1.1d
OpenSSL is an open source project that provides ...
zlib:x64-uwp 1.2.11-6 A
compression library

Feng

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-05-30