Hi, Stephan Assmus schrieb: [snip]
configure: Configured to build curl/libcurl: curl version: 7.19.7 Host setup: i586-pc-haiku Install prefix: /boot/common Compiler: gcc SSL support: enabled (OpenSSL) SSH support: no (--with-libssh2) zlib support: enabled krb4 support: no (--with-krb4*) GSSAPI support: no (--with-gssapi) SPNEGO support: no (--with-spnego) c-ares support: no (--enable-ares) ipv6 support: no (--enable-ipv6) IDN support: no (--with-libidn) Build libcurl: Shared=yes, Static=yes Built-in manual: no (--enable-manual) Verbose errors: enabled (--disable-verbose) SSPI support: no (--enable-sspi) ca cert bundle: no ca cert path: noLDAP support: no (--enable-ldap / --with-ldap-lib / --with-lber-lib)LDAPS support: no (--enable-ldaps)I am wondering whether the lines about "ca cert bundle" and "ca cert path" are perhaps the problem.Best regards, -Stephan
Blaming the missing ca cert bundle for causing the "Peer certificate cannot be authenticated with known CA certificates" would make sence to me. But after checking the certificate issued by www.googlemail.com it turns out that it is verified by a corporation called Thawte Consulting (Pty) Ltd. I used firefox 3.5 on Ubuntu which shows this little security lock on the statusbar when surfing on a https page, to retrieve this information. By clicking on this lock an information window will pop up giving you a bunch of information about the certificate in use. When I'm recalling my IT security course correctly, every browser has a built in list of trusted root certificates. So I doubt those root certificates are provided by the webkit repository (at least I didn't find anything there) or openssl, as you have to verify that the root certificates are trustworthy before including them in the browser. After reading the FAQ on the openssl website I came across this entry http://www.openssl.org/support/faq.html#USER16 speaking about a) that openssl doesn't ship root certificates and b) how to extract root certificates from the mozilla repository.
Hope this helps a bit. -Colin