#19621: curl / polarssl handshake error
--------------------------+--------------------------------
Reporter: anonymous | Owner: developers
Type: defect | Status: reopened
Priority: normal | Milestone: Chaos Calmer 15.05
Component: base system | Version: Trunk
Resolution: | Keywords: curl polarssl
--------------------------+--------------------------------
Comment (by zloop):
this might be a packaging issue/local setup issue
test run on WDR3600 ar71xx w. LEDE r278
{{{
root@OpenWrt:/tmp# curl -V
curl 7.48.0 (mips-openwrt-linux-gnu) libcurl/7.48.0 mbedTLS/2.2.1
libssh2/1.6.0
Protocols: file ftp ftps http https scp sftp
Features: IPv6 Largefile SSL
}}}
adresses that fail (basically all):
{{{
curl -v https://www.tagesschau.de
curl -v https://zeustracker.abuse.ch
curl -v https://www.howsmyssl.com/a/check
}}}
using certificate store does not work with mbedtls (curl/mbedtls will not
build with the ca-path option)
so ca-certificates is not useful with mbedtls i think (it does not provide
a single cert file)
using a cacert.pem file does work - from:
https://curl.haxx.se/docs/caextract.html
now its working (and by adding certificates to cacert.pem):
{{{
curl --cacert /etc/ssl/cacert.pem -v https://www.howsmyssl.com/a/check
curl --cacert /etc/ssl/cacert.pem -v https://zeustracker.abuse.ch
curl --cacert /etc/ssl/cacert.pem -v https://www.tagesschau.de
curl --cacert /etc/ssl/cacert.pem -v
https://downloads.openwrt.org/chaos_calmer/15.05.1
}}}
--
Ticket URL: <https://dev.openwrt.org/ticket/19621#comment:24>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
openwrt-tickets@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
