[gdal-dev] libcurl and the certificates and Windows
even.rouault at spatialys.com
Sat Jun 3 09:22:33 PDT 2017
On samedi 3 juin 2017 17:04:07 CEST Joaquim Luis wrote:
> For quite some time I cannot use the 'vsis' because of certificates issue.
> For example, a GMT test that has a command like this no longer works on
> ERROR 11: HTTP response code: 301 - SSL certificate problem: unable to get
> local issuer certificate
> gdalinfo failed - unable to open
> It used to work but probably with an older libcurl dll.
> The above is with my own build gdal and dependencies (libcurl included)
> but the same happens with the gisinternals binaries.
> I have re(and re)ad this page about the certificates
> but regarding Windows and the curl-ca-bundle.crt file what is said about
> it simply does not work. The only thing that works is setting the ENV
> set CURL_CA_BUNDLE=V:\bin\curl-ca-bundle.crt
> Now, we had this in GMT recently and I used the nuke option
> curl_easy_setopt (Curl, CURLOPT_SSL_VERIFYPEER, 0L); /* Tell libcurl to
> not verify the peer */
> so tried to do the same thing in the GDAL code (the obvious point seamed
> to be VSICurlSetOptions in cpl_vsi_curl.cpp) but still does not work.
Someone reported to me a similar issue with recent OSGeo4W.
Did you try setting GDAL_HTTP_UNSAFESSL=YES? This is taken into account in
CPLHTTPSetOptions() that is called by VSICurlSetOptions(), and this set
CURLOPT_SSL_VERIFYPEER=0 and CURLOPT_SSL_VERIFYHOST=0.
This solved the issue.
Spatialys - Geospatial professional services
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the gdal-dev