Hi , I am using openssl 1.0.1c and curl curl-7.28.1
my curl settings are below . curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST,"ECDHE-ECDSA-AES128-CCM"); curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM"); curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,"PEM"); curl_easy_setopt(curl,CURLOPT_SSLCERT,"/tmp/CliCom.crt"); curl_easy_setopt(curl,CURLOPT_SSLKEY,"/tmp/ClientKey.pem"); curl_easy_setopt(curl,CURLOPT_CAINFO,"/tmp/RootCA.crt"); curl_easy_setopt (curl, CURLOPT_CAPATH, "/tmp/"); Error log : /tmp # ./curlClient GET index.html * About to connect() to 192.168.1.127 port 443 (#0) * Trying 192.168.1.127... * connected * Connected to 192.168.1.127 (192.168.1.127) port 443 (#0) * successfully set certificate verify locations: * CAfile: /tmp/RootCA.crt CApath: /tmp/ * SSL certificate problem: certificate is not yet valid * Closing connection #0 * Peer certificate cannot be authenticated with given CA certificates curl_easy_perform return value= Peer certificate cannot be authenticated with given CA certificates the same setting works when I run the client on PC . even I had tried with RSA certificates as well but getting the same error . Rgds Indra On Wed, Jul 24, 2013 at 4:20 PM, Oscar Koeroo <okoe...@nikhef.nl> wrote: > > > The error hints that the CA certificate could not be found to verify the > certificate of the other peer. Perhaps they are missing, the hash > filenames in the CA directory doesn't match the switch over between > 0.9.8 and the 1.x.x version., or something went wrong providing the CA > file explicitly. > > > Could you provide some more information? Like which settings, OpenSSL > version and more debug output? > > > Oscar > > > ------------------------------------------------------------------- > List admin: http://cool.haxx.se/list/listinfo/curl-library > Etiquette: http://curl.haxx.se/mail/etiquette.html >
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
