[haiku-development] CA certificates, CURL and OpenSSL
- From: Stephan Assmus <superstippi@xxxxxx>
- To: haiku-development@xxxxxxxxxxxxx
- Date: Sun, 07 Feb 2010 13:32:26 +0100
Hi all,
I've been trying to figure out what may be the underlying problem of the
WebKit browser not being able to handle certificates. When I try to surf to
a site like www.googlemail.com or log into www.gmx.net, I am getting an
error back from WebKit: "Peer certificate cannot be authenticated with
known CA certificates".
Talking to someone on #webkit, it sounds like this may be a problem in our
libcurl package. I looked at the port log page at ports.haiku-files.org,
and there is no special mention of OpenSSL support. But when I downloaded
the libcurl source and compiled it myself, it does configure with OpenSSL
support without me having to specifically enable it. Seems like it picks up
the ssl path from the prefix.
In any case, can anyone with some OpenSSL experience (Oliver?) comment on
what may be going on? The configure output from libcurl looks like this:
configure: Configured to build curl/libcurl:
curl version: 7.19.7
Host setup: i586-pc-haiku
Install prefix: /boot/common
Compiler: gcc
SSL support: enabled (OpenSSL)
SSH support: no (--with-libssh2)
zlib support: enabled
krb4 support: no (--with-krb4*)
GSSAPI support: no (--with-gssapi)
SPNEGO support: no (--with-spnego)
c-ares support: no (--enable-ares)
ipv6 support: no (--enable-ipv6)
IDN support: no (--with-libidn)
Build libcurl: Shared=yes, Static=yes
Built-in manual: no (--enable-manual)
Verbose errors: enabled (--disable-verbose)
SSPI support: no (--enable-sspi)
ca cert bundle: no
ca cert path: no
LDAP support: no (--enable-ldap / --with-ldap-lib /
--with-lber-lib)
LDAPS support: no (--enable-ldaps)
I am wondering whether the lines about "ca cert bundle" and "ca cert path"
are perhaps the problem.
Best regards,
-Stephan
Other related posts:
