Hi,
I have configured CURL to use WinSSL (schannel), and it does trust system
trusted CAs just fine (that was the goal). However, one user has proxy
configuration, where it acts as man-in-the-middle. Such configuration in
general works just fine with our CURL lib build, and proxy provided
certificates do look ok. Windows does trust their root CA certificate, and
every other software is able to also verify proxy generated certificates
(browsers, .NET apps, etc.).
Certificate path looks something like this:
User root CA
User intermediate CA
*.ourservice.com
Only "User intermediate CA" contains CRL distribution points, those are
working. "User root CA" is trusted by OS.
However, we get this logged by CURL:
schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) -
The revocation function was unable to check revocation for the certificate
Trusting "User intermediate CA" in Windows did not help also.
There is not many leads, but maybe anyone has any hint what could have gone
wrong?
Thanks,
Vincas
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
