« Connecting to Microso… | Home | More SSL Trouble »

CURL with GoDaddy


If you want to use CURL plugins with GoDaddy ftp service, you may see the message in the log like this: "SSL certificate problem: unable to get local issuer certificate".

Now normally we just recommend to get the cacert.pem from curl website and use it with the CAInfo option. But here this fails and gives again the same error message.

To solve it, we need the certificates from GoDaddy, but not just one, but the root and an intermediate one. So on the repository website I downloaded the gd-class2-root.crt and gd_intermediate.crt files. Now I converted them with openssl and joined both pem files into one:

openssl x509 -inform PEM -in gd_intermediate.crt -out gd_intermediate.pem -text
openssl x509 -inform PEM -in gd-class2-root.crt -out gd-class2-root.pem -text
cat gd_intermediate.pem gd-class2-root.pem > gd-bundle.pem

That got me this pem file: gd-bundle.pem

Now you can use CURL with security checks (OptionVerifyPeer and OptionVerifyHost on) and the log shows:

Server certificate:
subject: O=*.senior-systems.com; OU=Domain Control Validated; CN=*.senior-systems.com
start date: 2012-05-02 23:33:25 GMT
expire date: 2017-05-02 23:33:25 GMT
subjectAltName: ftp.senior-systems.com matched
issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287
SSL certificate verify ok.

Works in FileMaker, Xojo and Real Studio via MBS Plugins.
18 11 14 - 22:43
No comments

  
Remember personal info?

Emoticons / Textile


Notify:
Hide email:

Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.