Curl HTTPS OpenSSL Certificate issue
I am having an issue with HTTPS certification using curl. My curl is configured with OpenSSL. If the certification verification is failed I dont want to terminate the operation, instead I want to continue by just putting a log message. For this I have used OpenSSL SSL_CTX_set_verify() function to set my static C callback function. During HTTPS transaction, my callback is also getting called with first parameter 0 or 1 (depending upon of the certificate verification is success or failure). But even if my certification verification is failure, I want to continue. So I have hard coded to return value as 1 always from my callback function. But still I see the certification error and I don't get the page. Any suggestion please? My sample code is as below. Please help
#include <stdio.h>
#include <curl/curl.h>
#include <openssl/x509v3.h>
#include <openssl/ssl.h>
static int verify_callback(int ok, X509_STORE_CTX *ctx)
{
printf("verify_callback function with %d\n",ok);
return 1;
}
static CURLcode sslContextGetter(CURL* curl, void* sslContext, void* data)
{
printf("In sslContextGetter\n");
SSL_CTX_set_verify(static_cast<SSL_CTX*>(sslContext),SSL_VERIFY_CLIENT_ONCE ,verify_callback);
return (CURLcode)0;
}
int main(void)
{
CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_SSL_CTX_FUNCTION, *sslContextGetter);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, true);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
curl_easy_setopt(curl, CURLOPT_CAINFO, "/etc/curl");
//curl_easy_setopt(curl, CURLOPT_URL, "https://www.paypal.com");
curl_easy_setopt(curl, CURLOPT_URL, "https://selfcare.myway.in");
res = curl_easy_perform(curl);
/* always cleanup */
curl_easy_cleanup(curl);
}
return 0;
}
|