Thanks so much for the replies!
> Unfortunately, silver bullets are rare. Secure Transport does not support > TLS > 1.3 which also might trigger some issues for you going forward. Apple themselves have given up on Secure Transport and moved on. It is only > provided for legacy. I appreciate this! So, don't use that. Easy enough, I'll just go back to using OpenSSL. I thought Secure Transport might be the answer because of this page: https://curl.se/docs/install.html It says in the 'Apple Platforms' section that the modern approach was to use Secure Transport. Should that be updated? That error is because CURLOPT_CAINFO was set to a certificate bundle > that can't be loaded. [1][2] If you want to use the OS cert store > instead you'll have to disable that option. From the doc, regarding > secure transport, "If the option is not set, then curl uses the > certificates in the system and user Keychain to verify the peer." > > [1]: > > https://github.com/curl/curl/blob/curl-8_3_0/lib/vtls/sectransp.c#L1991-L2000 > [2]: https://curl.se/libcurl/c/CURLOPT_CAINFO.html That's odd, because I did not specify anything on iOS (in code or when building libcurl); I do on Android, but I have no idea where the system certificates are located on iOS. Do I disable that by explicitly setting CURLOPT_CAINFO to the empty string? I assumed I'd have to find and specify the iOS store manually but I couldn't find anything in searches for where the certificates might be. Sincerely, Andrew Patterson
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
