libcurl证书验证失败
[英]libcurl certificate verification fails
问题描述
I am using libcurl from C++ code but it it failing during certificate verification. 
我正在使用C ++代码中的libcurl,但在证书验证期间失败。 Here is the error output: 这是错误输出:
errorbuffer: error setting certificate verify locations: CAfile: /usr/share/ssl/certs/ca-bundle.crt CApath: none errorbuffer:错误设置证书验证位置:CAfile:/usr/share/ssl/certs/ca-bundle.crt CApath:无
I don't understand why does it look for certificate in that location, I haven't specified any particular location. 我不明白为什么它要在那个位置寻找证书,我没有指定任何特定的位置。 Running it in unsecure mode by using below code runs normally: 使用以下代码以不安全模式运行它可以正常运行:
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,0L);
But I want to run it in secure mode. 但是我想在安全模式下运行它。
Any ideas why is it looking for certificates in that wrong location? 有什么想法为什么要在那个错误的位置寻找证书?
Thanks. 谢谢。
1 个解决方案
解决方案1
4 已采纳 2015-08-20 09:34:41
libcurl has a built-in default location where it looks for the CA cert bundle. libcurl具有一个内置的默认位置,用于查找CA证书捆绑包。 That default path is set when libcurl is built. 在构建libcurl时会设置该默认路径。 In many cases that would be done by the Linux distro maker(s). 在许多情况下,这将由Linux发行商来完成。
If you want to provide a different CA cert bundle that the default, libcurl offers options to do so: 如果要提供默认的其他CA证书捆绑包,libcurl提供了这样做的选项:
- CURLOPT_CAINFO sets the file name to load CA certs from CURLOPT_CAINFO设置文件名以从中加载CA证书
- CURLOPT_CAPATH sets the directory (for primarily OpenSSL-using libcurl versions) in which single CA certs are stored CURLOPT_CAPATH设置用于存储单个CA证书的目录(主要用于使用OpenSSL的libcurl版本)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.