Reputation: 105
Adding ssl certificates for the cCURL in android has errors
I have cross built the curl and openssl for the android with help of this link Using cURL in Android .. I am able to build succesfully . and now I am trying to run my application , in my application I need to add my own certificates , when I tried to add the certificates which are stored in sdcard via my native code ,I am getting the following error response from the curl i.e CURLE_SSL_CERTPROBLEM (58)=>problem with the local client certificate. and if remove all certificates in my below application and if I use the simple https curl client with out certificates get the following error CURLE_SSL_CACERT_BADFILE (77) .
Here with I have put my code , and in that I am just trying to read the certificates from sdcard(I had copied and pasted in the sdcard) .
am I loading the certificates properly ?
//Inteface funciton that will recieve web page fom Java
{
pageInfo_t page;
CURL *curl;
CURLcode res;
char *buffer;
static const char *pCertFile = "/mnt//sdcard/sslcerts/33330001-root.x509";
static const char *pCACertFile="/mnt//sdcard/sslcerts/root.x509.crt";
pKeyName = "/mnt/sdcard/sslcerts/33330001-root-privkey.der";
const char *pKeyName;
const char *pKeyType;
const char *pEngine;
const jbyte *webpage;
pKeyType = "DER";
pEngine = NULL;
webpage = (*env)->GetStringUTFChars(env, webpageJStr, NULL);
if (webpage == NULL) {
return NULL; /* OutOfMemoryError already thrown */
}
page.data = (char *)malloc(16 * 1024);
page.len = 0;
if (page.data)
memset(page.data, 32, 16 * 1024);
buffer = (char *)malloc(1024);
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, webpage);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, HTTPData);
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &page);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"DER");
curl_easy_setopt(curl,CURLOPT_SSLCERT,pCertFile);
curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,pKeyType);
curl_easy_setopt(curl,CURLOPT_SSLKEY,pKeyName);
curl_easy_setopt(curl,CURLOPT_CAINFO,pCACertFile);
curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,1L);
res = curl_easy_perform(curl);
/* always cleanup */
curl_easy_cleanup(curl);
(*env)->ReleaseStringUTFChars(env, webpageJStr, webpage);
if(res == 0) {
if (buffer) {
page.data[page.len < 256 ? page.len : 256] = '\0';
sprintf(buffer, "pagedata(%d): %s. done.\n", page.len, page.data);
return (*env)->NewStringUTF(env, buffer);
}
}
sprintf(buffer, "Result %d", res);
return (*env)->NewStringUTF(env, buffer);
} else {
return (*env)->NewStringUTF(env, "Unable to init cURL");
}
}
Upvotes: 3
Views: 1545
Answers (1)
Reputation: 25396
You need to add this line
#define CURL_CA_BUNDLE "/etc/ssl/certs/ca-certificates.crt"
to curl_config.h while building libCurl.
Upvotes: 3
Related Questions
- How to make SSL peer_verify work on Android?
- porting libcurl on android with ssl support
- Android and libCurl https
- Android-21 static build of libcurl with OpenSSL
- libcurl CURLE_SSL_CACERT_BADFILE error on android
- cURL not respecting TLS v1
- Libcurl Certificate Pinning working on iPhone but not on Android
- Compiling OpenSSL on Android
- linking openssl so libraries with android make file
- openssl support in android core