ca-certificate.crt issue with certain https server.

Raghavendra Bilamkar Wed, 11 Aug 2010 18:45:28 -0700

Hi All,



I have a very strange problem, I had developed a application which would
playback the contents from the https server.

In this issue, when I play the content URL Server A it leads  below crash,
but if I a play from Server B URL it plays properly.  Both Server A and
Server B are HTTPS servers and files are different.



Exception!

signal: Illegal instruction

reason: kernel



special registers:

  $pc: 0x13255584x

  $hi: 0x00000000x

  $lo: 0x00000032x



generic registers:

  $zero: 0x00000000lx  $at: 0x00000001lx  $v0: 0x00000032lx  $v1:
0x00000016lx

    $a0: 0x780425268lx  $a1: 0x00000034lx  $a2: 0x00000016lx  $a3:
0x00000004lx

    $t0: 0x00000000lx  $t1: 0x00000000lx  $t2: 0x00000002lx  $t3:
0x00000000lx

    $t4: 0x00000002lx  $t5: 0x00000017lx  $t6: 0x00000000lx  $t7:
0x00000072lx

    $s0: 0x00000008lx  $s1: 0x00000016lx  $s2: 0x00000034lx  $s3:
0x00000000lx

    $s4: 0x00000002lx  $s5: 0x00000004lx  $s6: 0x13255576lx  $s7:
0x780425268lx

    $t8: 0x00000000lx  $t9: 0x13255576lx  $k0: 0x780500991lx  $k1:
0x00000000lx

    $gp: 0x722720864lx  $sp: 0x780425152lx  $fp: 0x00000000lx  $ra:
0x721107780lx



call stack:

[0xca43a0]

/usr/lib/libcurl.so.4(OBJ_bsearch_ex_+0x80)[0x2afb3b44]

/usr/lib/libcurl.so.4[0x2afda22c]

/usr/lib/libcurl.so.4(sk_find+0x2c)[0x2afda2d4]

/usr/lib/libcurl.so.4(X509_OBJECT_retrieve_match+0x44)[0x2b00c5a0]

/usr/lib/libcurl.so.4(X509_STORE_add_cert+0xf4)[0x2b00d7e4]

/usr/lib/libcurl.so.4(X509_load_cert_crl_file+0x160)[0x2b010880]

/usr/lib/libcurl.so.4[0x2b010a2c]

/usr/lib/libcurl.so.4(X509_LOOKUP_ctrl+0x40)[0x2b00c1e0]

/usr/lib/libcurl.so.4(X509_STORE_load_locations+0x84)[0x2b004c74]

/usr/lib/libcurl.so.4(SSL_CTX_load_verify_locations+0x2c)[0x2af9e414]

/usr/lib/libcurl.so.4[0x2af60d14]

/usr/lib/libcurl.so.4[0x2af61d14]

/usr/lib/libcurl.so.4(Curl_ssl_connect_nonblocking+0x4c)[0x2af787fc]

/usr/lib/libcurl.so.4[0x2af47724]

/usr/lib/libcurl.so.4(Curl_protocol_connect+0x100)[0x2af55b1c]

/usr/lib/libcurl.so.4[0x2af71a18]

/usr/lib/libcurl.so.4(curl_multi_perform+0x110)[0x2af72380]



* *

*Verbose prints for Server A is here*

* Connected to Server A (xxx.xxx.xxx.xxx) port 443 (#0)

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: none

* SSL connection using RC4-SHA

* Server certificate:

*        subject: C=US; ST=Arizona; L=Tempe; O=Limelight Networks, LLC;
CN=*.hs.llnwd.net

*        start date: 2009-06-15 14:39:34 GMT

*        expire date: 2012-09-16 06:17:48 GMT

*        issuer: C=US; O=Equifax; OU=Equifax Secure Certificate Authority

*        SSL certificate verify result: certificate is not yet valid (9),
continuing anyway.



If I delete /etc/ssl/certs/ca-certificate.crt from the archive, then the
application would play from the Server A.

I don’t understand why deleting ca certificates from
/etc/ssl/certs/ca-certificate.crt would playback the file.



Any hints on this issue is highly appreciated.



Curl Version Used: 7.21.0

SSL Version: 1.0.0

Platform: MIPS

Os: Embeded Alley



Regards

Raghu

ca-certificate.crt issue with certain https server.

Reply via email to