Re: Curl problem with SSL

Sun, 21 Jul 2019 03:52:17 -0700 

On Sun, 21 Jul 2019, Subrata Dasgupta via curl-library wrote:
Hi, please consider using emails in text format when sending it to this (and other?) mailing lists going forward. I read mails in text format only and the list archive on the curl web site also doesn't convert HTML-only emails properly. Your mail thus looks like this to me and the archive: 

  https://curl.haxx.se/mail/lib-2019-07/0059.html

... as you can see, it is hard to understand with no good reason!


Can you please help me to understand why below mentioned problem is coming?


I can try.
Earlier a 32 bit c++ application was using curl-7.20.1 and there was no problem while connecting with the SSL enabled device over HTTPS.
Are you using the same TLS library and version with your upgraded libcurl as you used with than ancient libcurl version? (I hope you're not, since then you're probably vulnerable to numerous securely problems.) 

Which TLS library and version are you using?
But when library is upgraded to libcurl-7.61.1 c++ application is getting few strange errors while working with new curl library though there is no change in the application source code or certificate. 

It is possible that your upgrade has increased the default levels.
In the logs I am getting following error strings.TLSv1.2 (IN), TLS handshake, Finished (20):SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384ALPN, server did not agree to a protocol SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway. 

So your transfer succeeds, you're just curious about this log output?


skipping SSL peer certificate verification
I strongly recommend you do NOT do this. It makes your HTTPS use totally insecure. 


Same certificate file was also used earlier but there was no error.
You mean CA cert file? But that's pointless when you switch off the checks anyway. 

What is the actual error from the transfer?

--

 / daniel.haxx.se | Get the best commercial curl support there is - from me
                  | Private help, bug fixes, support, ports, new features
                  | https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
  • Curl problem with SSL Subrata Dasgupta via curl-library
    • Re: Curl problem with SSL Daniel Stenberg via curl-library

Reply via email to