curl fails to take self signed certificate

Question

I've installed apache 2 server with self signed certificate.My browser is showing 'It works!' when I tried to connect to the sever. But from an application when I issued cur_easy_perform() the call failed with error code 60: Peer certificate cannot be authenticated with given CA certificates!

Does the browser really verified the server's certificate? If I want to avoid the above error what need to be done further?

Thanks.

Is this coz of the certificate is n't been added to certificate bundle? if it is, how to do it? — crusader, May 18 '13 at 10:32

score 0 · Accepted Answer · answered May 18 '13 at 10:40

0

Curl uses the SSL certs maintained by your OS (normally in /etc/ssl/certs, or /user/lib/ssl/crts) to verify certs. Your browser will normally use its own certificate store. Hence adding a cert to your browser won't necessarily allow curl to verify it.

To add the cert to the store used by curl, download the cert to /etc/ssl/certs (or whatever directory your distribution keeps its ssl certs in), and run c_rehash in that directory.

answered May 18 '13 at 10:40

Cian

5,838
1
28
40

I've one more question..... how to tell apache web server to verify client SSL certificate? – crusader May 19 '13 at 04:55
This is answered in this question : http://serverfault.com/questions/291466/apache-client-certificate-authentication – Cian May 20 '13 at 00:19

curl fails to take self signed certificate

1 Answers1