Hello all, First, some config info: OpenSSL v1.0.1t
PLATFORM=arm-linux- OPTIONS=enable-tls enable-threads enable-shared --cross-compile-prefix=arm-linux- -pthread --prefix=/usr/local no-ec_nistp_64_gcc_128 no-gmp no-idea no-jpake no-krb5 no-md2 no-mdc2 no-rc5 no-rfc3779 no-ripemd no-sctp no-ssl2 no-store no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic no-static-engine CONFIGURE_ARGS=enable-tls no-zlib threads no-idea no-mdc2 no-rc5 no-ripemd shared --cross-compile-prefix=arm-linux- arm-linux- -pthread --prefix=/usr/local SHLIB_TARGET=linux-shared​ When making a request every certificate in the cacert.pem bundle is output before the response (without the BEGIN/END): <<< Make request >>> MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUx GTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkds b2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNV BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYD VQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa DuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6sc THAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlb Kk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNP c1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrX gzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUF AAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6Dj Y1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyG j/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhH hm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveC X4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== <<< All other certs follow >>> > POST /ftd/inform HTTP/1.1 Host: <retracted> Authorization: Basic <retracted> Accept: */* Content-Type: application/json Content-Length: 267 < HTTP/1.1 200 OK < Server: openresty < Date: Thu, 26 Oct 2017 18:39:48 GMT < Content-Type: application/json;charset=UTF-8 < Transfer-Encoding: chunked < Connection: keep-alive < Cache-Control: no-cache, no-store < x-trace-id: 70110f353234-275b-0000000000013e4b < 334 bytes retrieved Daniel of cURL believes this is an issue with the OpenSSL lib since it's the only component involved that actually knows of the entire CA cert bundle. libcurl lets the SSL library deal with it and never gets to know the entire thing. Does anyone know what could be causing the CA bundle to get spewed out every time a request is made? I received this library with the config already set so I'm not exactly sure if this is caused by one of those options. (and this does not occur when making the same request with the curl command from my host machine) Thanks for your time, Andy Gale -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
