CURLOPT_CAPATH can't read inside apk files on Android

Question

CURLOPT_CAPATH can't read inside apk files on Android

Closed this issue 8 years ago · 2 comments

First, thanks for providing this repo and keeping it up to date (I noticed your Jul 2nd update). You rock. cURL is painful to build for Android from the official repos.

curl_setopt()'s CURLOPT_CAPATH specifies the path to a certificate file. Unfortunately, libcURL doesn't read inside APK files. To the best of my knowledge, CURLOPT_SSL_VERIFYPEER can't work on Android, and if you try to connect to an https endpoint, it'll just fail with errorcode CURLE_SSL_CACERT.

Is there a way to specify a cert file on Android? Have I missed something?

Thanks!

Answer 1 · 2016-06-25T22:22:45.000Z

Sorry for the late answer,
What you say is correct. The solution is to download cacert.pem from the cURL site and distribute it with your app, inside the APK. Then on runtime, copy it to a reachable directory, for instance the dataDir returned by the getApplicationInfo() function. The path to that file is what you pass to curl_setopt(CURLOPT_CAPATH)

https://curl.haxx.se/ca/cacert.pem

Hope that helps

Answer 2 · 2018-07-23T20:03:37.000Z

Just in case anyone runs across this, you actually want to use CURLOPT_CAINFO to point to the .pem file.