- **labels**: --> openssl, certificate, SSL/TLS
- **assigned_to**: Daniel Stenberg
- **Comment**:

This is at least not intentional. I did a diff (see cmdline below) between the current version of the openssl code and the 7.26.0 version and it isn't immediately obvious to me which change that caused this. Nor what the fix is...

~~~~
git diff --follow curl-7_26_0.. -- lib/vtls/openssl.c

---
** [bugs:#1467] Unable to get self-signed certificate details via CURLOPT_CERTINFO/CURLINFO_CERTINFO whilst CURLOPT_SSL_VERIFYPEER is 1L**
**Status:** open
**Labels:** openssl certificate SSL/TLS 
**Created:** Sat Jan 03, 2015 03:54 AM UTC by Stephen Brokenshire
**Last Updated:** Sat Jan 03, 2015 03:38 PM UTC
**Owner:** Daniel Stenberg
<u>Bug description</u>
When attempting to get the certificates for the connection after using curl_easy_perform with CURLOPT_CERTINFO/CURLINFO_CERTINFO, if a self-signed certificate is used then an error occurs as CURLOPT_SSL_VERIFYPEER is set but no certificates are returned via CURLINFO_CERTINFO when the self-signed certificate should be returned.
Having had a chat in the IRC channel with byte_bucket, it seems that the SSL session information appears to be cleaned up when an error occurs without the opportunity to get the certificate information.
Without this certificate information I can't properly give details to the user that a self-signed or a certificate with an invalid chain (not updating their system certificate collection in ages for example) is being used.
Setting CURLOPT_SSL_VERIFYPEER to 0L does remove this issue, however this is undesirable as it will inevitably lead to a MITM attack.
Attached is the code for testing against a self-signed certificate and also a valid chain certificate for comparison purposes.
<u>Versions tested</u>
<i>Debian Wheezy</i>
<b>Supplied version 7.26 (works):</b>
curl 7.26.0 (x86_64-pc-linux-gnu) libcurl/7.26.0 OpenSSL/1.0.1e zlib/1.2.7 libidn/1.25 libssh2/1.4.2 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp 
Features: Debug GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP 
<b>Source code version 7.39 (doesn't work):</b>
curl 7.39.0 (x86_64-unknown-linux-gnu) libcurl/7.39.0 OpenSSL/1.0.1e zlib/1.2.7 libidn/1.25 libssh2/1.4.2 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp 
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
<i>OpenSuSE 13.1</i>
<b>Supplied version 7.32 (doesn't work):</b>
curl 7.32.0 (x86_64-suse-linux-gnu) libcurl/7.32.0 OpenSSL/1.0.1j zlib/1.2.8 libidn/1.25 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp 
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
<u>Expected test results (from supplied 7.26 Debian version)</u>
Option 0: Return for https://digit.mahou.co.uk:8443
curl_easy_preform() failed: SSL peer certificate or SSH remote key was not OK
1 certs
Subject:CN=Digit.LasLindas
Issuer:CN=Digit.LasLindas
Version:0
Signature Algorithm:sha1WithRSAEncryption
Start date:2011-11-27 21:54:42 GMT
Expire date:2021-11-24 21:54:42 GMT
Public Key Algorithm:rsaEncryption
RSA Public Key:2048
rsa(n):a4:0b:fc:0d:6a:68:b0:1a:b1:95:17:df:d4:60:5c:fe:24:e9:ae:a6:5a:8b:98:95:24:29:97:71:a1:88:f6:f2:26:44:3c:38:44:6e:cd:99:2d:3a:b7:c5:c7:de:c1:0f:c9:33:7a:f4:72:27:e0:f9:15:29:4d:80:35:7c:79:c3:f5:59:03:69:45:7a:72:43:35:f5:3d:4f:cb:7f:75:7d:10:f8:ab:98:f2:0b:82:c9:19:bb:06:93:07:62:4c:0b:8d:57:78:90:95:19:ae:01:98:91:ff:57:f0:bf:be:19:24:98:7d:01:a1:df:a4:16:05:6d:48:3f:26:0e:7f:27:98:0b:9a:f0:28:73:2f:3f:a7:53:62:07:ec:dd:a5:03:7c:9c:3d:f2:09:c5:e0:2e:0b:0f:1a:17:0d:8e:0f:b9:6b:72:d1:1e:2b:80:60:91:e0:a1:e6:0d:7d:72:03:3e:6d:bd:0d:c8:47:46:e0:17:62:b1:06:48:b1:99:63:9a:3b:bc:64:0c:36:44:50:84:a9:03:be:3a:e0:b3:cf:a1:85:33:8e:0c:81:0b:f7:e5:07:0c:2c:74:88:93:0f:63:ae:e8:fd:ce:f8:08:c8:c6:a3:f4:f9:48:4e:68:82:2b:92:0e:d0:05:12:a6:fe:1e:2c:47:f3:0c:57:1d:88:d3:
rsa(e):01:00:01:
Signature:48:1c:bc:44:c6:d5:8d:68:22:5e:51:e0:f3:d7:ed:be:ef:5e:b4:3e:a3:2e:92:bf:0b:44:f7:f2:1e:4b:c6:49:8d:b4:e4:6b:2b:c0:68:7a:b0:d8:e9:2a:db:5c:10:49:65:1b:98:ea:ca:87:92:30:d0:0e:7a:35:f4:2c:9e:94:3c:96:e0:fe:91:c6:1d:42:c5:aa:e3:7d:09:22:88:54:7c:95:32:d9:6b:4b:ea:0e:70:fd:57:23:75:85:de:45:98:96:17:00:ab:3e:56:4f:57:7b:60:c6:01:e7:8f:98:78:6b:fb:62:8c:72:3a:e9:70:78:6f:b5:a9:ff:ce:be:65:69:6b:00:62:68:ff:03:0c:71:7c:19:03:89:ab:5d:cf:fe:77:21:43:86:57:03:d1:75:02:16:dd:b4:b5:16:f0:d2:10:d8:3b:fd:30:39:c6:48:b3:79:ef:95:36:db:1f:01:07:f2:45:0d:5a:89:5d:9f:14:db:e1:78:df:4c:96:2f:d7:08:4e:c3:ef:29:c7:34:4d:0b:9d:e7:3a:a3:b7:4b:aa:9e:ee:99:51:8b:26:37:ae:29:93:da:0b:0a:c0:01:de:72:77:c8:bd:79:1d:8e:56:41:39:d4:b4:db:38:95:c2:63:c3:73:f5:0a:ea:08:c4:ab:78:8d:7c:e0:
Cert:-----BEGIN CERTIFICATE-----
MIICsDCCAZgCCQDSK3nhOBWc/zANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9E
aWdpdC5MYXNMaW5kYXMwHhcNMTExMTI3MjE1NDQyWhcNMjExMTI0MjE1NDQyWjAa
MRgwFgYDVQQDEw9EaWdpdC5MYXNMaW5kYXMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkC/wNamiwGrGVF9/UYFz+JOmuplqLmJUkKZdxoYj28iZEPDhE
bs2ZLTq3xcfewQ/JM3r0cifg+RUpTYA1fHnD9VkDaUV6ckM19T1Py391fRD4q5jy
C4LJGbsGkwdiTAuNV3iQlRmuAZiR/1fwv74ZJJh9AaHfpBYFbUg/Jg5/J5gLmvAo
cy8/p1NiB+zdpQN8nD3yCcXgLgsPGhcNjg+5a3LRHiuAYJHgoeYNfXIDPm29DchH
RuAXYrEGSLGZY5o7vGQMNkRQhKkDvjrgs8+hhTOODIEL9+UHDCx0iJMPY67o/c74
CMjGo/T5SE5ogiuSDtAFEqb+HixH8wxXHYjTAgMBAAEwDQYJKoZIhvcNAQEFBQAD
ggEBAEgcvETG1Y1oIl5R4PPX7b7vXrQ+oy6SvwtE9/IeS8ZJjbTkayvAaHqw2Okq
21wQSWUbmOrKh5Iw0A56NfQsnpQ8luD+kcYdQsWq430JIohUfJUy2WtL6g5w/Vcj
dYXeRZiWFwCrPlZPV3tgxgHnj5h4a/tijHI66XB4b7Wp/86+ZWlrAGJo/wMMcXwZ
A4mrXc/+dyFDhlcD0XUCFt20tRbw0hDYO/0wOcZIs3nvlTbbHwEH8kUNWoldnxTb
4XjfTJYv1whOw+8pxzRNC53nOqO3S6qe7plRiyY3rimT2gsKwAHecnfIvXkdjlZB
OdS02ziVwmPDc/UK6gjEq3iNfOA=
-----END CERTIFICATE-----
----------------------
Option 1: Return for https://premium.xestia.co.uk
3 certs
Subject:OU=Domain Control Validated; OU=PositiveSSL; CN=gelforn.xestia.co.uk
Issuer:C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
Version:2
Signature Algorithm:sha256WithRSAEncryption
Start date:2014-11-02 00:00:00 GMT
Expire date:2019-11-01 23:59:59 GMT
Public Key Algorithm:rsaEncryption
RSA Public Key:4096
rsa(n):8b:1c:d4:61:d8:ba:b1:ca:bd:50:a6:c9:62:95:f6:44:47:1b:9a:ac:b9:30:fd:38:a4:0c:2c:43:74:f4:33:e5:e6:e6:85:16:11:e2:a6:ba:51:ea:9f:c2:53:70:2e:d0:b4:c0:f8:8d:0f:20:98:66:d4:27:15:66:c5:c8:db:fd:f7:3b:ff:7b:26:e8:03:21:a8:54:fa:8e:72:1e:3c:9a:97:0d:ab:25:f0:3c:62:b1:c5:0c:e9:44:54:07:36:56:17:40:cf:c3:3a:f9:44:4a:3a:73:c3:71:ee:77:a1:72:5d:7b:23:78:e9:0c:77:10:95:bc:a5:df:10:5e:5c:19:52:06:5c:88:52:18:c5:a0:c1:3a:e5:c6:83:81:65:91:04:9c:d2:a8:fd:8f:d5:00:68:72:9e:75:12:0d:29:88:b2:9b:44:16:52:2b:ef:37:96:8e:e3:d8:6d:06:d7:1e:ea:3b:75:c5:fb:0e:fd:48:21:fb:da:d6:7e:f8:8f:e9:3a:f7:7a:e1:08:26:5c:0d:5b:24:80:7d:95:6a:b5:ed:7a:20:2e:e7:71:87:2a:8f:ef:94:5d:5c:00:44:71:92:f2:65:3a:1f:c5:c1:67:5d:44:3c:af:19:e6:2a:5f:56:d4:23:51:0d:82:93:64:ce:dd:a4:82:da:e6:3e:59:7f:64:91:28:7f:39:e5:3b:4d:39:4f:07:61:ae:a7:f6:c6:83:14:fe:08:fb:1f:e2:08:c8:2c:2d:17:e9:e3:f6:86:9d:75:0f:c4:79:90:7e:44:db:4f:cb:59:1b:85:d4:cc:71:17:10:0e:ac:7f:7c:e4:f8:b5:fa:53:fa:3b:79:55:56:24:1d:48:21:7a:96:b0:c1:ed:90:d5:c9:07:b4:0a:f2:3c:48:4e:64:6e:4a:59:7a:54:52:44:cc:6f:21:6e:ee:01:05:12:27:a3:2b:bb:28:f2:d1:c5:c3:12:8e:e7:f4:42:11:c7:d4:b7:9a:43:1a:24:af:bd:0f:30:f0:1a:ae:ca:88:27:d0:95:ef:be:e3:6c:35:a7:c0:19:05:0c:a2:cc:3c:d7:f2:8d:30:c2:e9:6a:72:d8:f5:e3:66:27:51:23:09:0c:50:47:de:97:02:10:ed:06:53:8e:ea:ab:b3:9c:0c:b2:2a:e0:b4:62:cf:c7:9a:14:8a:66:14:c2:f4:56:8b:62:8e:3f:1a:c6:fe:d5:a5:55:69:9e:6a:ad:06:d0:47:a4:29:4b:ad:7f:13:b4:09:69:b6:48:d8:9c:27:d5:cb:6f:0c:7e:5f:3b:f2:fb:3e:d1:b0:a1:b2:60:16:d1:d4:fb:76:d3:45:f0:d8:4e:ea:c2:c6:40:d2:e9:
rsa(e):01:00:01:
X509v3 Authority Key Identifier:keyid:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7
X509v3 Subject Key Identifier:8E:36:FC:DD:71:B9:B4:D4:1F:7E:4E:6A:91:15:34:AE:25:DB:EA:D5
X509v3 Key Usage:DigitalSignature,KeyEncipherment
X509v3 Basic Constraints:CA:FALSE
X509v3 Extended Key Usage:TLSWebServerAuthentication,TLSWebClientAuthentication
X509v3 Certificate Policies:Policy:1.3.6.1.4.1.6449.1.2.2.7, CPS:https://secure.comodo.com/CPS, Policy:2.23.140.1.2.1
X509v3 CRL Distribution Points:, FullName:, URI:http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl
Authority Information Access:CAIssuers-URI:http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt, OCSP-URI:http://ocsp.comodoca.com
X509v3 Subject Alternative Name:DNS:gelforn.xestia.co.uk,DNS:www.gelforn.xestia.co.uk
Signature:4c:65:cc:b2:18:6b:9b:5a:69:e6:dd:b2:e9:9a:a4:c7:bb:cd:8a:38:32:b4:60:dc:73:de:07:72:ff:92:af:95:05:6d:9b:db:87:f5:2f:0f:77:09:82:48:a8:45:70:f4:a9:15:82:2f:d6:ec:ec:d0:47:fa:1f:00:97:8e:6e:cd:13:19:8f:c6:40:d4:2b:aa:e0:9b:ad:44:ff:30:40:8b:d0:2e:57:b6:dd:e3:b2:51:93:52:d3:d2:a0:fe:1e:2e:9d:94:28:b0:92:8b:a8:41:aa:f9:60:3f:8b:12:0b:12:04:a0:e6:a8:a8:b6:d6:a0:ce:ee:54:fa:5d:d0:d5:c6:03:77:fc:cc:e8:a9:b0:e8:6c:d9:69:85:92:16:93:0c:ba:82:ca:ec:67:26:3c:26:90:8b:92:48:44:64:53:7d:e8:71:5b:82:23:90:eb:7a:87:e8:a6:e2:4d:7f:a6:45:78:a3:ca:a0:2c:7b:14:aa:0f:c0:82:84:ac:a9:ad:b4:d3:ef:75:08:95:ed:ee:2a:04:dd:1c:13:57:14:4b:77:f1:7a:a5:70:10:0f:0d:51:2a:f8:19:62:61:e9:99:cc:fd:b6:4f:56:32:db:be:f9:35:ca:38:58:ae:99:42:11:a4:33:5c:c8:24:2e:7d:9f:34:45:aa:35:b1:07:fc:50:
Cert:-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgIQGxndeuZ1+b20v/OdmMBvxDANBgkqhkiG9w0BAQsFADCB
kDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNV
BAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0xNDExMDIwMDAwMDBaFw0xOTExMDEyMzU5NTlaMFgxITAfBgNVBAsTGERv
bWFpbiBDb250cm9sIFZhbGlkYXRlZDEUMBIGA1UECxMLUG9zaXRpdmVTU0wxHTAb
BgNVBAMTFGdlbGZvcm4ueGVzdGlhLmNvLnVrMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEAixzUYdi6scq9UKbJYpX2REcbmqy5MP04pAwsQ3T0M+Xm5oUW
EeKmulHqn8JTcC7QtMD4jQ8gmGbUJxVmxcjb/fc7/3sm6AMhqFT6jnIePJqXDasl
8DxiscUM6URUBzZWF0DPwzr5REo6c8Nx7nehcl17I3jpDHcQlbyl3xBeXBlSBlyI
UhjFoME65caDgWWRBJzSqP2P1QBocp51Eg0piLKbRBZSK+83lo7j2G0G1x7qO3XF
+w79SCH72tZ++I/pOvd64QgmXA1bJIB9lWq17XogLudxhyqP75RdXABEcZLyZTof
xcFnXUQ8rxnmKl9W1CNRDYKTZM7dpILa5j5Zf2SRKH855TtNOU8HYa6n9saDFP4I
+x/iCMgsLRfp4/aGnXUPxHmQfkTbT8tZG4XUzHEXEA6sf3zk+LX6U/o7eVVWJB1I
IXqWsMHtkNXJB7QK8jxITmRuSll6VFJEzG8hbu4BBRInoyu7KPLRxcMSjuf0QhHH
1LeaQxokr70PMPAarsqIJ9CV777jbDWnwBkFDKLMPNfyjTDC6Wpy2PXjZidRIwkM
UEfelwIQ7QZTjuqrs5wMsirgtGLPx5oUimYUwvRWi2KOPxrG/tWlVWmeaq0G0Eek
KUutfxO0CWm2SNicJ9XLbwx+Xzvy+z7RsKGyYBbR1Pt200Xw2E7qwsZA0ukCAwEA
AaOCAeswggHnMB8GA1UdIwQYMBaAFJCvajqUWgvYkOoSVnPfQ7Q6KNrnMB0GA1Ud
DgQWBBSONvzdcbm01B9+TmqRFTSuJdvq1TAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTwYDVR0gBEgw
RjA6BgsrBgEEAbIxAQICBzArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5j
b21vZG8uY29tL0NQUzAIBgZngQwBAgEwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDov
L2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3Vy
ZVNlcnZlckNBLmNybDCBhQYIKwYBBQUHAQEEeTB3ME8GCCsGAQUFBzAChkNodHRw
Oi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2Vj
dXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9j
YS5jb20wOQYDVR0RBDIwMIIUZ2VsZm9ybi54ZXN0aWEuY28udWuCGHd3dy5nZWxm
b3JuLnhlc3RpYS5jby51azANBgkqhkiG9w0BAQsFAAOCAQEATGXMshhrm1pp5t2y
6Zqkx7vNijgytGDcc94Hcv+Sr5UFbZvbh/UvD3cJgkioRXD0qRWCL9bs7NBH+h8A
l45uzRMZj8ZA1Cuq4JutRP8wQIvQLle23eOyUZNS09Kg/h4unZQosJKLqEGq+WA/
ixILEgSg5qiottagzu5U+l3Q1cYDd/zM6Kmw6GzZaYWSFpMMuoLK7GcmPCaQi5JI
RGRTfehxW4IjkOt6h+im4k1/pkV4o8qgLHsUqg/AgoSsqa200+91CJXt7ioE3RwT
VxRLd/F6pXAQDw1RKvgZYmHpmcz9tk9WMtu++TXKOFiumUIRpDNcyCQufZ80Rao1
sQf8UA==
-----END CERTIFICATE-----
Subject:C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
Issuer:C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Certification Authority
Version:2
Signature Algorithm:sha384WithRSAEncryption
Start date:2014-02-12 00:00:00 GMT
Expire date:2029-02-11 23:59:59 GMT
Public Key Algorithm:rsaEncryption
RSA Public Key:2048
rsa(n):8e:c2:02:19:e1:a0:59:a4:eb:38:35:8d:2c:fd:01:d0:d3:49:c0:64:c7:0b:62:05:45:16:3a:a8:a0:c0:0c:02:7f:1d:cc:db:c4:a1:6d:77:03:a3:0f:86:f9:e3:06:9c:3e:0b:81:8a:9b:49:1b:ad:03:be:fa:4b:db:8c:20:ed:d5:ce:5e:65:8e:3e:0d:af:4c:c2:b0:b7:45:5e:52:2f:34:de:48:24:64:b4:41:ae:00:97:f7:be:67:de:9e:d0:7a:a7:53:80:3b:7c:ad:f5:96:55:6f:97:47:0a:7c:85:8b:22:97:8d:b3:84:e0:96:57:d0:70:18:60:96:8f:ee:2d:07:93:9d:a1:ba:ca:d1:cd:7b:e9:c4:2a:9a:28:21:91:4d:6f:92:4f:25:a5:f2:7a:35:dd:26:dc:46:a5:d0:ac:59:35:8c:ff:4e:91:43:50:3f:59:93:1e:6c:51:21:ee:58:14:ab:fe:75:50:78:3e:4c:b0:1c:86:13:fa:6b:98:bc:e0:3b:94:1e:85:52:dc:03:93:24:18:6e:cb:27:51:45:e6:70:de:25:43:a4:0d:e1:4a:a5:ed:b6:7e:c8:cd:6d:ee:2e:1d:27:73:5d:dc:45:30:80:aa:e3:b2:41:0b:af:bd:44:87:da:b9:e5:1b:9d:7f:ae:e5:85:82:a5:
rsa(e):01:00:01:
X509v3 Authority Key Identifier:keyid:BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:32:32:D4
X509v3 Subject Key Identifier:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7
X509v3 Key Usage:DigitalSignature,CertificateSign,CRLSign
X509v3 Basic Constraints:CA:TRUE,pathlen:0
X509v3 Extended Key Usage:TLSWebServerAuthentication,TLSWebClientAuthentication
X509v3 Certificate Policies:Policy:X509v3AnyPolicy, Policy:2.23.140.1.2.1
X509v3 CRL Distribution Points:, FullName:, URI:http://crl.comodoca.com/COMODORSACertificationAuthority.crl
Authority Information Access:CAIssuers-URI:http://crt.comodoca.com/COMODORSAAddTrustCA.crt, OCSP-URI:http://ocsp.comodoca.com
Signature:4e:2b:76:4f:92:1c:62:36:89:ba:77:c1:27:05:f4:1c:d6:44:9d:a9:9a:3e:aa:d5:66:66:01:3e:ea:49:e6:a2:35:bc:fa:f6:dd:95:8e:99:35:98:0e:36:18:75:b1:dd:dd:50:72:7c:ae:dc:77:88:ce:0f:f7:90:20:ca:a3:67:2e:1f:56:7f:7b:e1:44:ea:42:95:c4:5d:0d:01:50:46:15:f2:81:89:59:6c:8a:dd:8c:f1:12:a1:8d:3a:42:8a:98:f8:4b:34:7b:27:3b:08:b4:6f:24:3b:72:9d:63:74:58:3c:1a:6c:3f:4f:c7:11:9a:c8:a8:f5:b5:37:ef:10:45:c6:6c:d9:e0:5e:95:26:b3:eb:ad:a3:b9:ee:7f:0c:9a:66:35:73:32:60:4e:e5:dd:8a:61:2c:6e:52:11:77:68:96:d3:18:75:51:15:00:1b:74:88:dd:e1:c7:38:04:43:28:e9:16:fd:d9:05:d4:5d:47:27:60:d6:fb:38:3b:6c:72:a2:94:f8:42:1a:df:ed:6f:06:8c:45:c2:06:00:aa:e4:e8:dc:d9:b5:e1:73:78:ec:f6:23:dc:d1:dd:6c:8e:1a:8f:a5:ea:54:7c:96:b7:c3:fe:55:8e:8d:49:5e:fc:64:bb:cf:3e:bd:96:eb:69:cd:bf:e0:48:f1:62:82:10:e5:0c:46:57:f2:33:da:d0:c8:63:ed:c6:1f:94:05:96:4a:1a:91:d1:f7:eb:cf:8f:52:ae:0d:08:d9:3e:a8:a0:51:e9:c1:87:74:d5:c9:f7:74:ab:2e:53:fb:bb:7a:fb:97:e2:f8:1f:26:8f:b3:d2:a0:e0:37:5b:28:3b:31:e5:0e:57:2d:5a:b8:ad:79:ac:5e:20:66:1a:a5:b9:a6:b5:39:c1:f5:98:
Cert:-----BEGIN CERTIFICATE-----
MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6
ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51
UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p
mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/
e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY
dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG
V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4
HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX
j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
+AZxAeKCINT+b72x
-----END CERTIFICATE-----
Subject:C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Certification Authority
Issuer:C=SE; O=AddTrust AB; OU=AddTrust External TTP Network; CN=AddTrust External CA Root
Version:2
Signature Algorithm:sha384WithRSAEncryption
Start date:2000-05-30 10:48:38 GMT
Expire date:2020-05-30 10:48:38 GMT
Public Key Algorithm:rsaEncryption
RSA Public Key:4096
rsa(n):91:e8:54:92:d2:0a:56:b1:ac:0d:24:dd:c5:cf:44:67:74:99:2b:37:a3:7d:23:70:00:71:bc:53:df:c4:fa:2a:12:8f:4b:7f:10:56:bd:9f:70:72:b7:61:7f:c9:4b:0f:17:a7:3d:e3:b0:04:61:ee:ff:11:97:c7:f4:86:3e:0a:fa:3e:5c:f9:93:e6:34:7a:d9:14:6b:e7:9c:b3:85:a0:82:7a:76:af:71:90:d7:ec:fd:0d:fa:9c:6c:fa:df:b0:82:f4:14:7e:f9:be:c4:a6:2f:4f:7f:99:7f:b5:fc:67:43:72:bd:0c:00:d6:89:eb:6b:2c:d3:ed:8f:98:1c:14:ab:7e:e5:e3:6e:fc:d8:a8:e4:92:24:da:43:6b:62:b8:55:fd:ea:c1:bc:6c:b6:8b:f3:0e:8d:9a:e4:9b:6c:69:99:f8:78:48:30:45:d5:ad:e1:0d:3c:45:60:fc:32:96:51:27:bc:67:c3:ca:2e:b6:6b:ea:46:c7:c7:20:a0:b1:1f:65:de:48:08:ba:a4:4e:a9:f2:83:46:37:84:eb:e8:cc:81:48:43:67:4e:72:2a:9b:5c:bd:4c:1b:28:8a:5c:22:7b:b4:ab:98:d9:ee:e0:51:83:c3:09:46:4e:6d:3e:99:fa:95:17:da:7c:33:57:41:3c:8d:51:ed:0b:b6:5c:af:2c:63:1a:df:57:c8:3f:bc:e9:5d:c4:9b:af:45:99:e2:a3:5a:24:b4:ba:a9:56:3d:cf:6f:aa:ff:49:58:be:f0:a8:ff:f4:b8:ad:e9:37:fb:ba:b8:f4:0b:3a:f9:e8:43:42:1e:89:d8:84:cb:13:f1:d9:bb:e1:89:60:b8:8c:28:56:ac:14:1d:9c:0a:e7:71:eb:cf:0e:dd:3d:a9:96:a1:48:bd:3c:f7:af:b5:0d:22:4c:c0:11:81:ec:56:3b:f6:d3:a2:e2:5b:b7:b2:04:22:52:95:80:93:69:e8:8e:4c:65:f1:91:03:2d:70:74:02:ea:8b:67:15:29:69:52:02:bb:d7:df:50:6a:55:46:bf:a0:a3:28:61:7f:70:d0:c3:a2:aa:2c:21:aa:47:ce:28:9c:06:45:76:bf:82:18:27:b4:d5:ae:b4:cb:50:e6:6b:f4:4c:86:71:30:e9:a6:df:16:86:e0:d8:ff:40:dd:fb:d0:42:88:7f:a3:33:3a:2e:5c:1e:41:11:81:63:ce:18:71:6b:2b:ec:a6:8a:b7:31:5c:3a:6a:47:e0:c3:79:59:d6:20:1a:af:f2:6a:98:aa:72:bc:57:4a:d2:4b:9d:bb:10:fc:b0:4c:41:e5:ed:1d:3d:5e:28:9d:9c:cc:bf:b3:51:da:a7:47:e5:84:53:
rsa(e):01:00:01:
X509v3 Authority Key Identifier:keyid:AD:BD:98:7A:34:B4:26:F7:FA:C4:26:54:EF:03:BD:E0:24:CB:54:1A
X509v3 Subject Key Identifier:BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:32:32:D4
X509v3 Key Usage:DigitalSignature,CertificateSign,CRLSign
X509v3 Basic Constraints:CA:TRUE
X509v3 Certificate Policies:Policy:X509v3AnyPolicy
X509v3 CRL Distribution Points:, FullName:, URI:http://crl.usertrust.com/AddTrustExternalCARoot.crl
Authority Information Access:OCSP-URI:http://ocsp.usertrust.com
Signature:64:bf:83:f1:5f:9a:85:d0:cd:b8:a1:29:57:0d:e8:5a:f7:d1:e9:3e:f2:76:04:6e:f1:52:70:bb:1e:3c:ff:4d:0d:74:6a:cc:81:82:25:d3:c3:a0:2a:5d:4c:f5:ba:8b:a1:6d:c4:54:09:75:c7:e3:27:0e:5d:84:79:37:40:13:77:f5:b4:ac:1c:d0:3b:ab:17:12:d6:ef:34:18:7e:2b:e9:79:d3:ab:57:45:0c:af:28:fa:d0:db:e5:50:95:88:bb:df:85:57:69:7d:92:d8:52:ca:73:81:bf:1c:f3:e6:b8:6e:66:11:05:b3:1e:94:2d:7f:91:95:92:59:f1:4c:ce:a3:91:71:4c:7c:47:0c:3b:0b:19:f6:a1:b1:6c:86:3e:5c:aa:c4:2e:82:cb:f9:07:96:ba:48:4d:90:f2:94:c8:a9:73:a2:eb:06:7b:23:9d:de:a2:f3:4d:55:9f:7a:61:45:98:18:68:c7:5e:40:6b:23:f5:79:7a:ef:8c:b5:6b:8b:b7:6f:46:f4:7b:f1:3d:4b:04:d8:93:80:59:5a:e0:41:24:1d:b2:8f:15:60:58:47:db:ef:6e:46:fd:15:f5:d9:5f:9a:b3:db:d8:b8:e4:40:b3:cd:97:39:ae:85:bb:1d:8e:bc:dc:87:9b:d1:a6:ef:f1:3b:6f:10:38:6f:
Cert:-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw
AHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR6
2RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onr
ayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt
4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq
m1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/
vOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT
8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IE
IlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfO
KJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPO
GHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/
s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g
JMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQD
AgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9
MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy
bmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6
Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQ
zbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj
Jw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLY
Uspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5
B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9Hvx
PUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR
pu/xO28QOG8=
-----END CERTIFICATE-----
---
Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.