On Tue, 18 Jun 2019, * * via curl-library wrote:
Sending an HTTPS GET request with that code produces error
CURLE_PEER_FAILED_VERIFICATION (60) with the error message "Cert verify
failed: BADCERT_NOT_TRUSTED". So, obviously the certificates are not
properly taken into account during the TLS handshake.
I don't know a lot about Windows and extracting the CA store on Windows, but I
think this problem happens because you haven't actually got the full cert
store in that function.
At least David Weisgerber's code from two years ago seems to do more:
https://curl.haxx.se/mail/meet-2017-03/0030.html
(That example is for OpenSSL but I think the Windows parts should be
similar.)
--
/ daniel.haxx.se | Get the best commercial curl support there is - from me
| Private help, bug fixes, support, ports, new features
| https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html