Re: using CURLOPT_SSLCERT with self-signed certificate or non-ca-signed certificates
Date: Sat, 30 May 2020 19:51:46 -0400
Le 20-05-30 à 17 h 56, Daniel Stenberg a écrit :
>> Is it possible with libcurl to use a self-signed client certificate?
>
> Yes. To libcurl it doesn't matter who signed it, as long as you can
> verify the signature with the CA cert bundle.
>
>> CURLOPT_SSLCERT documentation doesn't provide information about that.
>
> That's the option for *client certs*. That basically the opposite, when
> you as a client provide a cert to the server so it can verify you.
>
Yes, that's my point, I want to use self-signed *client certificates*
with libcurl.
I try to narrow down why I can't test self-signed client certificates
between libcurl and libmicrohttpd.
My tests are not yet conclusive. If, on the client side, I use a
certificate that is issued from a non-expected CA (or a self-signed
one), the server TLS session states that the client is anonymous.
So far libmicrohttpd helpers told me that the server should accept
self-signed client certificates.
Therefore, I'm wondering if libcurl is causing my inconclusive tests
(maybe because I misuse it).
/Nicolas
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-05-31