I am currently trying to make an imap client with libcurl on a windows application. I am using a prebuilt version of libCurl built with NSS support but no OpenSSL support ( that was decided by an higher up), and when I try to connect to my server with the URL imaps://serveraddress/inbox, with CURLOPT_USE_SSL set to CURLUSESSL_ALL, and CURLOPT_CAINFO to my certificate nickname in cert8.db I get
* Trying servAdress...
* TCP_NODELAY set
Connected to servAdress (servAdress) port portn(#0)
WARNING: failed to load NSS PEM library libnsspem.so. Using OpenSSL PEM certificates will not work.
CAfile: certname
CApath: none
*Closing connection 0
curl_easy_perform() failed: Problem with the SSL CA cert (path? access rights?)
I tried setting CURLOPT_SSLCERT to my certName instead I get the same error except that line is added :
* Initializing NSS with certpath: sql:C:\Users\mlegros\SSL_DB\
my question is is there a way to use NSS db Certificate with imap in libcurl?
also is it normal that a windows dll try to load a .so file (it is a linux format if I am not mistaken)?
ps: here are my version info
curl version 7.58.0
NSS 3.34.1
Hope you can help me.
So the problem was within libcurl
the libraries name are hard-coded with the linux name and if libnssckbi is not loaded we cannot load another certificate the second part as been modified according to this https://github.com/curl/curl/pull/3016.
a quickfix if you don't want to recompile libcurl is to rename nssckbi.dll to libnssckbi.so