c - curl NSS -12286 error in TLS handshake
I am getting NSS error -12286 while trying to load an HTTPS page with a CA certificate, using the cacertinpem.c curl C code. I am using the cacert.pem file in the code along with its path. The same thing works when I try curl -v "https://sampleserve.com:443"; in that case SSL takes the default CA path "/etc/tls/certs/ca.budle.crt".
But the C code is not working with either the default CA location or an externally selected CA path.
What is the reason for this error (NSS -12286)?
Error:
```
* connect() fiservices.sterlingbankng.com port 443 (#0)
* trying 1.1.1.1...
* connection timed out
* trying 1.1.1.2...
* connected
* connected fiservices.sterlingbankng.com (1.1.1.2) port 443 (#0)
* initializing nss certpath: /etc/pki/nssdb
* cafile: ./cacert.pem capath: ./cacert.pem
* nss error -12286
* error in tls handshake, trying sslv3...
/canfi/ http/1.1 host: sampleserver.com accept: */*
* connection died, retrying fresh connect
* closing connection #0
* issue request url: 'https://sampleserver.com'
* connect() sampleserver.com port 443 (#0)
* trying 1.1.1.1...
* connection timed out
* trying 1.1.1.2...
* connected
* connected sampleserver.com (1.1.1.2) port 443 (#0)
* tls disabled due previous handshake failure
* cafile: ./cacert.pem capath: ./cacert.pem
* nss error -12286
* closing connection #0
* ssl connect error
```
Sample code:
```c
#include <stdio.h>
#include <curl/curl.h>
#include <openssl/ssl.h>

/* Write callback: copy the received bytes to the FILE passed as stream. */
size_t writefunction(void *ptr, size_t size, size_t nmemb, void *stream)
{
  fwrite(ptr, size, nmemb, stream);
  return (nmemb * size);
}

/* SSL context callback; the body is cut down to the declarations shown in the post. */
static CURLcode sslctx_function(CURL *curl, void *sslctx, void *parm)
{
  X509_STORE *store;
  X509 *cert = NULL;
  BIO *bio;
  char *mypem = "-----BEGIN CERTIFICATE-----\n"\
                "-----END CERTIFICATE-----\n"; /* public certificate */
  return CURLE_OK;
}

int main(void)
{
  CURL *ch;
  CURLcode rv;

  rv = curl_global_init(CURL_GLOBAL_ALL);
  ch = curl_easy_init();
  rv = curl_easy_setopt(ch, CURLOPT_VERBOSE, 1L);
  rv = curl_easy_setopt(ch, CURLOPT_HEADER, 0L);
  rv = curl_easy_setopt(ch, CURLOPT_NOPROGRESS, 1L);
  rv = curl_easy_setopt(ch, CURLOPT_NOSIGNAL, 1L);
  rv = curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, *writefunction);
  rv = curl_easy_setopt(ch, CURLOPT_WRITEDATA, stdout);
  rv = curl_easy_setopt(ch, CURLOPT_HEADERFUNCTION, *writefunction);
  rv = curl_easy_setopt(ch, CURLOPT_WRITEHEADER, stderr);
  rv = curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM");
  /* Both options point at the same bundle file; CURLOPT_CAPATH is documented as a directory. */
  rv = curl_easy_setopt(ch, CURLOPT_CAPATH, "./cacert.pem");
  rv = curl_easy_setopt(ch, CURLOPT_CAINFO, "./cacert.pem");
  rv = curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, 1L);
  rv = curl_easy_setopt(ch, CURLOPT_URL, "https://");

  /* First attempt: CA bundle from the file only. */
  rv = curl_easy_perform(ch);
  if (rv == CURLE_OK)
    printf("*** transfer succeeded ***\n");
  else
    printf("*** transfer failed ***\n");

  /* Second attempt: same handle, with the SSL context callback installed. */
  rv = curl_easy_setopt(ch, CURLOPT_SSL_CTX_FUNCTION, *sslctx_function);
  rv = curl_easy_perform(ch);
  if (rv == CURLE_OK)
    printf("*** transfer succeeded ***\n");
  else
    printf("*** transfer failed ***\n");

  curl_easy_cleanup(ch);
  curl_global_cleanup();
  return rv;
}
```
Thanks
I ran into this in PHP. I ran curl on the command line with -v and found the NSS -12286 error.
It turns out the remote server and curl did not have a common cipher (NSS error codes). I added the cipher to the curl object like so:
```php
curl_setopt($ocurl, CURLOPT_SSL_CIPHER_LIST, 'rsa_rc4_128_sha');
```
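As an added example (not code from the question or the answer): a small C triage helper that pulls the NSS code out of curl -v output and reports which NSS error range it falls in, which is how -12286 (SSL_ERROR_NO_CYPHER_OVERLAP) is recognised as a cipher problem rather than a CA one. The function and enum names are hypothetical; the base values and the 1000-wide ranges are those of NSS's sslerr.h and secerr.h.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>

/* Error ranges defined by NSS in sslerr.h and secerr.h. */
#define SSL_ERROR_BASE (-0x3000) /* -12288 */
#define SEC_ERROR_BASE (-0x2000) /*  -8192 */
#define SSL_ERROR_NO_CYPHER_OVERLAP (SSL_ERROR_BASE + 2) /* -12286 */

/* Hypothetical classification used only by this example. */
enum nss_class { NSS_NONE, NSS_NO_CIPHER_OVERLAP, NSS_SSL_RANGE, NSS_SEC_RANGE, NSS_OTHER };

/* First code after "nss error " (any letter case) in curl -v output, or 0 if none. */
int nss_error_code(const char *log)
{
    static const char tag[] = "nss error ";
    for (const char *p = log; *p; p++) {
        size_t i = 0;
        while (tag[i] && tolower((unsigned char)p[i]) == tag[i])
            i++;
        if (!tag[i])
            return (int)strtol(p + i, NULL, 10);
    }
    return 0;
}

/* Map a code to the part of the TLS setup it points at. */
enum nss_class nss_classify(int code)
{
    if (code == 0) return NSS_NONE;
    if (code == SSL_ERROR_NO_CYPHER_OVERLAP) return NSS_NO_CIPHER_OVERLAP;
    if (code >= SSL_ERROR_BASE && code < SSL_ERROR_BASE + 1000) return NSS_SSL_RANGE;
    if (code >= SEC_ERROR_BASE && code < SEC_ERROR_BASE + 1000) return NSS_SEC_RANGE;
    return NSS_OTHER;
}

const char *nss_advice(enum nss_class c)
{
    switch (c) {
    case NSS_NO_CIPHER_OVERLAP: return "no cipher suite in common; CA file settings are not the cause";
    case NSS_SSL_RANGE: return "TLS-layer error (sslerr.h)";
    case NSS_SEC_RANGE: return "security-library error (secerr.h), e.g. certificate validation";
    default: return "no code in the NSS SSL/SEC ranges";
    }
}

int main(void)
{
    /* Constructed sample: two lines taken from the log in the question. */
    const char *log = "* cafile: ./cacert.pem capath: ./cacert.pem\n* nss error -12286\n";
    int code = nss_error_code(log);
    printf("NSS error %d: %s\n", code, nss_advice(nss_classify(code)));
    return 0;
}
```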