Hi,

accessing Web-Server via https with self-signed certificate results in the following error message:



How do I tell prince where it can find my CA cert file in order to verify the connection?

I found something at

http://curl.haxx.se/docs/sslcerts.html

but don't know what's the right way.

Stephan

Hi Stephan,

Try the currently undocumented --ssl-ca-cert=FILE command-line option, which allows you to specify the location of your own certificate bundle.

Best regards,

Michael

I was getting the "certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ".

The certificate I am using is not self-signed, I had purchased it from my domain registrar.

The Certificate Authority (CA)-"the folks I purchased my certificates through" was not listed in the "curl-ca-bundle.crt" that comes with PrinceXML.

The "curl-ca-bundle.crt" file lists all the major Certificate Authorities, and of course mine was not in there.javascript:emoticon(':roll:')


I used the information on the this page to add it in: http://curl.haxx.se/docs/sslcerts.html (Number 3 worked for me!)

Since I was not familiar with any of this info I had to read it a few times to digest it.

After getting my CA's information I pasted it to the end of the "curl-ca-bundle.crt" file.

It worked.javascript:emoticon(':D')


Additional Info -

--ssl-ca-cert=FILE (This undocumented function was invaluable to me for testing if I had made the correct changes)
-v (The Verbose function - was helpful because I could see results without having to open files)
example: prince test.html -o test.pdf --ssl-ca-cert=curl-ca-bundle.crt -v

If you ever wanted to create your own ca-bundle file this page was helpful: http://certifie.net/ca-bundle/