Https is not supported in libcurl window alertnative than using CURLOPT_CAINFO
Question
We are using libcurl (7.3.6) in our application. API call for "Https URL" giving "curle_ssl_cacert error". I have been able to resolve this using
curl_easy_setopt(curl, CURLOPT_CAINFO, "PATH\\curl-ca-bundle.crt");
but we don't want to maintain this file in our application. Is there any way we can directly access from OS or from an alternative location?
1 answers
solution1
0 2019-05-16 06:53:22
For Windows,
If you want to use windows own "CA certificate", You need to rebuild curl to with schannel backend instead(aka "winssl"). It will access from windows cert store by default. Openssl does not support to use windows system certificate on its own(see this answer ), and must specify the certificate in PEM format, or set the default certificate when building libcurl with parameter --with-ca-bundle and --with-ca-path .
For Linux,
According to the document :
If libcurl was built with NSS support, then depending on the OS distribution, it is probably required to take some additional steps to use the system-wide CA cert db. RedHat ships with an additional module, libnsspem.so, which enables NSS to read the OpenSSL PEM CA bundle.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.