[OpenWrt-Devel] [PATCH 3/4] Run c_hash on the certificates

Cristian Morales Vega cristian at samknows.com
Thu Sep 25 06:24:38 EDT 2014


On 24 September 2014 21:40, Christian Schoenebeck
<christian.schoenebeck at gmail.com> wrote:
> curl and wget works fine with this as long as they have hashes to look at.

I tried and if I don't build curl with --with-ca-path this command
("curl https://www.google.com") fails. It works for you???

As far as I understand curl would need to call
gnutls_certificate_set_x509_system_trust (GnuTLS) or
SSL_CTX_set_default_verify_paths (OpenSSL) for it to use the system
certificates. And it doesn't. (apparently PolarSSL doesn't have an
equivalent?)
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list