0

I am trying to download a file from my local https server using libcurl. However, it is failing to do so and I am not sure how to debug this? The perror doesn't set anything. Also, the local https server I am using is using - openssl - 2048 bits. This is generated using the following command.

openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365

Here is my C-Code. I am running this on linux - C

    #include <openssl/err.h>
    #include <openssl/ssl.h>
    #include <curl/curl.h>
    #include <stdio.h>

    size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream)
    {
      printf("called.. writeFunction\r\n");
      fwrite(ptr, size, nmemb, (FILE *)stream);
      return (nmemb*size);
    }

        int main(void)
        {
          CURL *ch;
          CURLcode rv;
          char caPath[128];
          char errbuf[CURL_ERROR_SIZE];

          rv = curl_global_init(CURL_GLOBAL_ALL);
          ch = curl_easy_init();


          rv = curl_easy_setopt(ch, CURLOPT_URL, "https://110.166.10.296:9000/test.conf");

         /* provide a buffer to store errors in */
  curl_easy_setopt(ch, CURLOPT_ERRORBUFFER, errbuf);
           /* provide a buffer to store errors in */
  curl_easy_setopt(ch, CURLOPT_ERRORBUFFER, errbuf);

          rv = curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, *writefunction);
          rv = curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout);
          rv = curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L);

          printf("set Up CA Path..\r\n");
          memset(caPath,'0',sizeof(caPath));
          strcpy(caPath,"/home/test/SSL_Server");
          rv = curl_easy_setopt(ch, CURLOPT_CAPATH,caPath);

          rv = curl_easy_perform(ch);
          printf("curl easy perform done..\r\n");

          if(rv == CURLE_OK)
            printf("*** transfer succeeded ***\n");
          else
          {
             printf("*** transfer failed..****\n");
             perror("failed:");

                   /* if the request did not complete correctly, show the error
  information. if no detailed error information was written to errbuf
  show the more generic information from curl_easy_strerror instead.
  */
    size_t len = strlen(errbuf);
    fprintf(stderr, "\nlibcurl: (%d) ", rv);
    if(len)
      fprintf(stderr, "%s%s", errbuf,
              ((errbuf[len - 1] != '\n') ? "\n" : ""));
    else
      fprintf(stderr, "%s\n", curl_easy_strerror(rv));
          }


          return 0;
        }

Compilation -

gcc curl.c -o curl.out -lcurl

O/p - 

   ./curl.out 
set Up CA Path..
curl easy perform done..
*** transfer failed..****

libcurl: (60) SSL certificate problem: self signed certificate
Bali Vinayak
  • 289
  • 1
  • 4
  • 11
  • You appear to be ignoring the returned status from the curl_easy_perform() call. Per https://curl.haxx.se/libcurl/c/curl_easy_perform.html, that would give you a very good idea about what the problem is. – James McPherson Mar 05 '18 at 23:09
  • Additionally you could use curl_easy_setopt() with CURL_ERRORBUFFER (see this [example](https://curl.haxx.se/libcurl/c/CURLOPT_ERRORBUFFER.html) to see how to use it) to determine what error curl is discovering. – TonyB Mar 05 '18 at 23:54
  • I am using this to download a file from a self -signed certificate using openssl. – Bali Vinayak Mar 06 '18 at 00:17
  • updated my code and seeing the real problem now - SSL certificate problem: self signed certificate. Any idea what I should do here? – Bali Vinayak Mar 06 '18 at 00:48
  • 1
    lmgtfy https://stackoverflow.com/questions/17597457/why-wont-curl-recognise-a-self-signed-ssl-certificate – Jeff Holt Mar 06 '18 at 00:50

1 Answers1

0
rv = curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L);

This code is enabling SSL certificate verification, which is failing because you're using a self-signed certificate. Set this option to 0 to disable verification.