Hi, Thanks for reply. It was all just some linking error in my part, I was building local openssl but didnt linked it with the executable.
On Thu, Sep 24, 2015 at 1:41 PM, Daniel Stenberg <[email protected]> wrote: > On Thu, 24 Sep 2015, puneet bist wrote: > > I was earlier using SSL 0.9.8 with curl 7.39.0. Server used TLSv1.0 for >> communication. I used " curl_easy_setopt(curl_handle, >> CURLOPT_SSL_CTX_FUNCTION, ctx_callback);" for self-signed certificates >> fingerprint matching. >> >> In callback function X509_STORE_CTX_get_current_cert always gave the >> certificate which i used to extract the fingerprint. It was working fine. >> >> Now i builded curl 7.39.0 with openssl 1.0.2d and Server used TLSv1.1 for >> communication. But X509_STORE_CTX_get_current_cert always returning NULL. >> So i am not able to check the fingerprint . >> > > The callback simply gets the CTX pointer passed to it that libcurl has, so > this is unfortunately not something libcurl affects. In a *SSL_CTX_FUNCTION > callback like this you interface directly with OpenSSL and I believe you > need to dig down into OpenSSL to figure out why it now returns a different > result now compared to before. > > Maybe you can consider switching to CURLOPT_PINNEDPUBLICKEY anyway to > avoid a custom callback? > > -- > > / daniel.haxx.se > ------------------------------------------------------------------- > List admin: http://cool.haxx.se/list/listinfo/curl-library > Etiquette: http://curl.haxx.se/mail/etiquette.html
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
