Hi, I'm currently trying to use libcurl to get a page from an https site using a PEM certificate loaded in live memory (based on the cacertinmem example).
I can get the page with no problems if I use a certificate file on disk and perform the following: curl_easy_setopt(curl, CURLOPT_SSLCERT, "c:\My Certificate.pem"); Before calling curl_easy_perform(). However, if I use the following option instead: curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function); Using the same CTX function from 'cacertinmem.c' except with the contents of my certificate instead of the example, I get an "SSL Connect Error" when I call curl_easy_perform(). I've used the verbose feature along with the debug callback to extract this debug output: SSLv3, TLS handshake, Client hello (1): SSLv3, TLS handshake, Server hello (2): SSLv3, TLS handshake, CERT (11): SSLv3, TLS handshake, Server key exchange (12): SSLv3, TLS handshake, Request CERT (13): SSLv3, TLS handshake, Server finished (14): SSLv3, TLS handshake, CERT (11): SSLv3, TLS handshake, Client key exchange (16): SSLv3, TLS change cipher, Client hello (1): SSLv3, TLS handshake, Finished (20): SSLv3, TLS alert, Server hello (2): error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure Closing connection #0 SSL connect error Can anyone explain what I am doing wrong here? I have a feeling I've misunderstood something fundamental but don't have much experience with these protocols so can't see what. Any help would be much appreciated. If it helps I'm using the CURLOPT_SSL_VERIFYPEER flag set to 0. Thanks Please consider the environment before printing this email. This message should be regarded as confidential. If you have received this email in error please notify the sender and destroy it immediately. Statements of intent shall only become binding when confirmed in hard copy by an authorised signatory. The contents of this email may relate to dealings with other companies under the control of BAE Systems plc details of which can be found at http://www.baesystems.com/Businesses/index.htm. Detica Limited is a BAE Systems company trading as BAE Systems Detica. Detica Limited is registered in England and Wales under No: 1337451. Registered office: Surrey Research Park, Guildford, Surrey, GU2 7YP, England. ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
