On Sat, 30 May 2020, Nicolas Mora via curl-library wrote:
Is it possible with libcurl to use a self-signed client certificate?
Yes. To libcurl it doesn't matter who signed it, as long as you can verify the
signature with the CA cert bundle.
CURLOPT_SSLCERT documentation doesn't provide information about that.
That's the option for *client certs*. That basically the opposite, when you as
a client provide a cert to the server so it can verify you.
You want CURLOPT_CAINFO which specifies the path to a PEM file containing the
root or leaf certs to verify the server with.
You can use openssl to get that CA cert from your server like this:
$ echo quit | openssl s_client -showcerts -servername [server] -connect \
[server]:443 > cacert.pem
--
/ daniel.haxx.se | Commercial curl support up to 24x7 is available!
| Private help, bug fixes, support, ports, new features
| https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
