#19621: curl / polarssl handshake error --------------------------+-------------------------------- Reporter: anonymous | Owner: developers Type: defect | Status: reopened Priority: normal | Milestone: Chaos Calmer 15.05 Component: base system | Version: Trunk Resolution: | Keywords: curl polarssl --------------------------+--------------------------------
Comment (by zloop): this might be a packaging issue/local setup issue test run on WDR3600 ar71xx w. LEDE r278 {{{ root@OpenWrt:/tmp# curl -V curl 7.48.0 (mips-openwrt-linux-gnu) libcurl/7.48.0 mbedTLS/2.2.1 libssh2/1.6.0 Protocols: file ftp ftps http https scp sftp Features: IPv6 Largefile SSL }}} adresses that fail (basically all): {{{ curl -v https://www.tagesschau.de curl -v https://zeustracker.abuse.ch curl -v https://www.howsmyssl.com/a/check }}} using certificate store does not work with mbedtls (curl/mbedtls will not build with the ca-path option) so ca-certificates is not useful with mbedtls i think (it does not provide a single cert file) using a cacert.pem file does work - from: https://curl.haxx.se/docs/caextract.html now its working (and by adding certificates to cacert.pem): {{{ curl --cacert /etc/ssl/cacert.pem -v https://www.howsmyssl.com/a/check curl --cacert /etc/ssl/cacert.pem -v https://zeustracker.abuse.ch curl --cacert /etc/ssl/cacert.pem -v https://www.tagesschau.de curl --cacert /etc/ssl/cacert.pem -v https://downloads.openwrt.org/chaos_calmer/15.05.1 }}} -- Ticket URL: <https://dev.openwrt.org/ticket/19621#comment:24> OpenWrt <http://openwrt.org> Opensource Wireless Router Technology _______________________________________________ openwrt-tickets mailing list openwrt-tickets@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets