I have the following code to connect to a site:
int main()
{
CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl)
{
curl_easy_setopt(curl, CURLOPT_URL, "https://192.168.200.115:8080/appliances");
curl_easy_setopt(curl, CURLOPT_USERNAME, "myusername");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "mypassword");
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
// Perform the request, res will get the return code
res = curl_easy_perform(curl);
// Check for errors
if(res != CURLE_OK)
{
fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
}
//always cleanup
curl_easy_cleanup(curl);
}
return 0;
}
WHen ran I got the error: peer certificate cannot be authenticated with given ca certificates
After googling I found that I had to add the line:
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, false);
BUt now I get the error: ssl peer certificate or ssh remote key was not ok
I have tried adding in:
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2);
But still the same error.
How can I solve this??
EDIT I added verbose logging:
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
And now I see the following in the output: ssl certificate subject name 'name or server' does not match target host
The X.509 SSL server certificate sent by the server is invalid. If you really want to disable X.509 certificate verification (please, don't do that), you should set CURLOPT_SSL_VERIFYHOST to 0 (default to 2) in order to ask libcurl not to fail if the name contained in the certificate does not match the host you are trying to connect to. If you do that, you will probably have to let CURLOPT_SSL_VERIFYPEER at 0, meaning no X.509 PKI validation.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With