Problem with certificates on windows only? #1
Comments
|
Interesting, I'll try to upgrade the script, haven't done that in a while, maybe it will fix the problem. |
|
I've already have to revert one cert for our usage https://github.com/Kdyby/CurlCaBundle/tree/with-old-cybertrust-root. |
|
https://www.ssllabs.com/ssltest/analyze.html?d=heureka.cz&latest "Certificate uses a weak signature. When renewing, ensure you upgrade to SHA2." |
|
It's hard to say as I don't know how it is processed internally in curl. Is it possible that on linux it's enought that top level authority is trusted and on windows it requires all levels to be trusted? When I compare ca-bundle.crt on my dev machine with that from production server, there is no change in "thawte" brand (and even if I replace my ca-bundle.crt with that from production it do not help)... |
|
I'm guessing the problem started with this commit, right? 50b9eef |
|
Yes, when I try ca-bundle.crt before that commit, it works. After that it ends with SSL error... |
|
You can just lock on the previous tag v1.0.5 and it should work till we figure something out... |
|
Ok, thanks |
Hi,
I just discover problem that on windows machines I'm not able to crawl some sites (for example http://ssl.heureka.cz/login-process/). Even when I use CurlCaBundle I still getting error SSL Certificate problem: Unable to get local issuer certificate.
The same domain is used for Heureka Kosik Api and it works ok (on production server).
When I use quite old crt file from http://filehostuk.com/downloads/cacert.rar it works ok (i found it thanx to this post). Do you have any idea why?
The text was updated successfully, but these errors were encountered: