On Tue, 3 Oct 2023, Andrew Patterson via curl-library wrote:
Trying [redacted]:443... Connected to [redacted] ([redacted]) port 443 (#0) ALPN, offering http/1.1 TLSv1.2 (OUT), TLS handshake, Client hello (1): TLSv1.2 (IN), TLS handshake, Server hello (2): TLSv1.2 (IN), TLS handshake, Certificate (11): TLSv1.2 (OUT), TLS alert, unknown CA (560): SSL certificate problem: self signed certificate in certificate chain Closing connection 0
This is your problem, which seems unrelated to CURLOPT_CAINFO. Setting it to NULL is what you want.
"self signed certificate in certificate chain" sounds like a valid reason to not accept the connection.
However: the only place it seems possible for libcurl to output that error message is in the OpenSSL backend. Not the Secure Transport backend.
https://github.com/curl/curl/blob/83ec54e1b9dcf3482d8c98ee3b3c08d054bb694b/lib/vtls/openssl.c#L3938 -- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
