From bafb68b844f4aa1d016f8eda786521b1ab8036f2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 14 Apr 2003 13:09:09 +0000 Subject: [PATCH] With the recent fix of libcurl, it shall now return CURLE_SSL_CACERT when it had problems withe CA cert and thus we offer a huge blurb of verbose help to explain to the poor user why this happens. --- src/main.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/src/main.c b/src/main.c index 9b76423a6..15bb38c65 100644 --- a/src/main.c +++ b/src/main.c @@ -2966,8 +2966,22 @@ operate(struct Configurable *config, int argc, char *argv[]) vms_show = VMSSTS_HIDE; } #else - if((res!=CURLE_OK) && config->showerror) - fprintf(config->errors, "curl: (%d) %s\n", res, errorbuffer); + if((res!=CURLE_OK) && config->showerror) { + if(CURLE_SSL_CACERT == res) { + fprintf(config->errors, "curl: (%d) %s\n\n", res, errorbuffer); +#define CURL_CA_CERT_ERRORMSG \ +"More details here: http://curl.haxx.se/docs/sslcerts.html\n\n" \ +"curl does peer SSL certificate verification by default. If you\n" \ +"communicate with HTTPS servers using certificates that are signed by CAs\n" \ +"present in the bundle, you will get truly secure SSL connections.\n" \ +"Since you get this error, you probably forgot to point out a working CA\n" \ +"cert for your server, or you forgot to use the -k (or --insecure) option.\n" + + fprintf(config->errors, "%s", CURL_CA_CERT_ERRORMSG); + } + else + fprintf(config->errors, "curl: (%d) %s\n", res, errorbuffer); + } #endif if (outfile && !curl_strequal(outfile, "-") && outs.stream)