Thanks for fixing his bug! Tested it and I have added the CURLOPT_CAINFO with value NULL which fixed the issue. Ubuntu works fine now as well. Should I preferably use this on Windows as well?
> Op 19 dec. 2017, om 08:40 heeft Ray Satiro via curl-library > <[email protected]> het volgende geschreven: > > On 12/18/2017 4:28 PM, Thomas van Hesteren via curl-library wrote: >> I have a problem which I have described on�stack overflow >> <https://stackoverflow.com/questions/47876555/c-ssl-cert-in-memory-curl-and-openssl-fails-to-add>. >> >> The problem is with adding a in-memory SSL-certificate on an Ubuntu machine >> with the ssslctx_function. However, X509_STORE_add_cert always returns 0 and >> therefore my application fails to connect. >> >> What am I doing wrong? On multiple Windows machines this code works great? >> >> (Please see the thread on�stack overflow >> <https://stackoverflow.com/questions/47876555/c-ssl-cert-in-memory-curl-and-openssl-fails-to-add>�for >> more details) > > That is arguably a bug in the example. It's quite possible libcurl may have > already loaded the CA certificate that you are trying to load via > X509_STORE_add_cert, and so it returns an error. For example your libcurl in > Ubuntu may have a CA certificate bundle that was set at build-time and so at > runtime it will set that default path [1] and then load them before the CTX > callback is called. Set CURLOPT_CAINFO to NULL to override the default. Also, > I've fixed the example to stop treating cert-already-exists as an error [2]. > It would be helpful if you could test the changes. > > [1]: https://github.com/curl/curl/blob/curl-7_57_0/lib/url.c#L492-L500 > <https://github.com/curl/curl/blob/curl-7_57_0/lib/url.c#L492-L500> > [2]: https://github.com/curl/curl/pull/2182 > <https://github.com/curl/curl/pull/2182> > > ------------------------------------------------------------------- > Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library > Etiquette: https://curl.haxx.se/mail/etiquette.html
------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
