curl_easy_setopt(easy_handle, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(easy_handle, CURLOPT_SSL_VERIFYHOST, 0L);
dout(20) << "ssl verification is set to off" << dendl;
+ } else {
+ if (!ca_path.empty()) {
+ curl_easy_setopt(easy_handle, CURLOPT_CAINFO, ca_path.c_str());
+ dout(20) << "using custom ca cert "<< ca_path.c_str() << " for ssl" << dendl;
+ }
+ if (!client_cert.empty()) {
+ if (!client_key.empty()) {
+ curl_easy_setopt(easy_handle, CURLOPT_SSLCERT, client_cert.c_str());
+ curl_easy_setopt(easy_handle, CURLOPT_SSLKEY, client_key.c_str());
+ dout(20) << "using custom client cert " << client_cert.c_str()
+ << " and private key " << client_key.c_str() << dendl;
+ } else {
+ dout(5) << "private key is missing for client certificate" << dendl;
+ }
+ }
}
curl_easy_setopt(easy_handle, CURLOPT_PRIVATE, (void *)req_data);
curl_easy_setopt(easy_handle, CURLOPT_TIMEOUT, req_timeout);
<< cct->_conf->rgw_curl_low_speed_limit << " Bytes per second during " << cct->_conf->rgw_curl_low_speed_time << " seconds." << dendl;
default:
dout(20) << "ERROR: msg->data.result=" << result << " req_data->id=" << id << " http_status=" << http_status << dendl;
- dout(20) << "ERROR: curl error: " << curl_easy_strerror((CURLcode)result) << dendl;
+ dout(20) << "ERROR: curl error: " << curl_easy_strerror((CURLcode)result) << " req_data->error_buf=" << req_data->error_buf << dendl;
break;
}
}