[maemo-developers] ca-certificates
From: Eero Tamminen eero.tamminen at nokia.comDate: Tue Dec 18 11:32:01 EET 2007
- Previous message: ca-certificates
- Next message: update-alternatives missing features
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi, ext Dongi wrote: > The other day I've ported and tried to use esniper (v2-17) on my Nokia tablet. > This is an eBay auction tool and uses CURL and SSL for the https dialogue. > > #> ldd ./esniper > libcurl.so.3 => /usr/lib/libcurl.so.3 (0x00000000) > libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0x00000000) > libcrypto.so.0.9.7 => /usr/lib/libcrypto.so.0.9.7 (0x00000000) > libdl.so.2 => /lib/libdl.so.2 (0x00000000) > libz.so.1 => /usr/lib/libz.so.1 (0x00000000) > libc.so.6 => /lib/libc.so.6 (0x00000000) > /lib/ld-linux.so.3 => /lib/ld-linux.so.3 (0x00000000) > > Compilation went fine but I've got the following run time error: > > Auction 3422354654675: Cannot connect to URL : problem with the SSL CA > cert (path? access rights?): SSL certificate problem, verify that the CA > cert is OK. Details: error:14090086:lib(20):func(144):reason(134) > > which is an error returned by libcurl (CURLE_SSL_CACERT) Could you strace[1] where it tries to get them? strace -e trace=open ./esniper [1] See: http://maemo.org/development/tools/ If it searches them from the "wrong" place, you could have a symlink for that. > On another Debian system the root certificates are stored in > /etc/ssl/certs/ca-certificates.crt > > Nokia doesn't have a ca-certificates package and even if you install > the relevant files libcurl/libssl ignores them. According to "man update-ca-certificates": /etc/ca-certificates.conf A configuration file. /etc/ssl/certs/ca-certificates.crt A single-file version of CA certificates. This hold all CA cer‐ tificates that you activated in /etc/ca-certificates.conf. /usr/share/ca-certificates Directory of CA certificates. > The only certificates available on Nokia are these: > #>dpkg -L certs > /usr/share/certs/certman.cst > [...] > > I've tried to modify the source and set > curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); > to ignore certificates but then it is not compiling. > > What should I do ? Maybe you could make e.g. a bug about certificates being put to standard(?) place not getting things certified? :-) - Eero
- Previous message: ca-certificates
- Next message: update-alternatives missing features
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]