Nov 19, 2007

Fedora 8 and cURL

Yesterday I've discovered that one module of my project doesn't work, namely, it was a file upload using cURL library. The module suppose to upload files to an https url without checking of peer (insecure upload). I set parameters like CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST to 0. But I got an error in anyway:
Exception: couldn't transfer the InputSandbox file:
"***" to "https://***". Http error code: 0
Curl error: peer certificate cannot be authenticated
with known CA certificates.
Everything was perfectly working for a year or so. But after I have moved to Fedora8 my unit tests of the module started to fail.
I spent several hours and finally found the seed of the problem. If you get similar error while having insecure transfer, that would most probably mean, you are facing an Issue described here and here and here (Bug 387991). It has something to do with cURL with NSS as the SSL engine (instead of OpenSSL).
If you face this problem, one of the solution would be to rebuild cURL with OpenSSL support or wait until developers of Fedora and cURL fix it.

No comments: