Public key pinning in curl does not work without using certificates from the system
问题 I am trying to use libcurl with public-key pinning in order to verify a server's authenticity when downloading a file. Curl is compiled so that it doesn't use any certificates on the system, but only relies on certificates it receives from the user: ./configure --without-ca-bundle --without-ca-path --without-ca-fallback && make First I obtain the sha256 sum of the server certificate's public key, as explained here: $ openssl s_client -servername www.example.com -connect www.example.com:443 <