Unable to use libcurl to access a site requiring client authentication
I’m using the below snipped for setting the certificate and key for client authentication.
The certificate doesn’t have a password, I don’t know why on earth the option SSLCERTPASSWD exists, I just provided a dummy value. When I run the program on Linux I get an error code of 58 and an error message unable to set private key file: 'privateKey.pem' type PEMOn Windows however I get unable to use client certificate (no key found or wrong pass phrase?)
It seems to suggest the certificate and the key don’t match but I don’t know how. I have extracted both the cert and the key from a p12 file using openssl commands. The command I used to extract the key is openssl.exe pkcs12 -in client.p12 -nocerts -out privateKey.pem
and the command used to extract the cert is openssl.exe pkcs12 -in client.p12 -nokeys -out clientCert.pem
The p12 file has been successfully used in a browser to access the client authentication url. Please help before I shoot myself.
Last edited by old_as_a_fossil; 05-25-2011 at 11:32 AM..
Setup a site to site VPN between two cisco routers.
One of the site locations is unable to access ports such as https://example.com:9001
How do I let them go into port 9001?
They can ssh, ftp, telnet and everything else.
Is this a VPN issue or ACL access issue?
I put
permit ip host... (0 Replies)
Hi there
I am currently trying to access an http site using the wget utility from a solaris box. I am going through proxies to do this and we have two types of proxies.
For the first one, which is a netcache proxy, I am able to use the wget command to export the proxy information
export... (2 Replies)
hi,
I am using sunone 7.0 webserver. The webserver instance is configured for https and i want to do client authentication for specific resources. I dont want to do any client authentication for the other resources.
I was able to do a complete client auth for my webserver but unable to do... (0 Replies)
Hi All,
I am a newb in this forums. I am a Linux admin and I hope I will get the solution here.
In my company I have setup AD and I can authenticate the windows machines using this AD, also able to apply policy.
Now I have installed some Linux machines but I can't able to authenticate via... (6 Replies)
I ve a client : <clientname> and a server: <servername>
Both of them running: HPUX B.11.31
SERVER outputs:
I ve shared a folder in <servername> called /test and the O/P for
# exportfs
- /test root=<clientname>,rw=<clientname>,ro ""
# showmount -e
export list for... (6 Replies)
Hi,
I am trying to access a NFS shared directory on Solaris 10 Server from a client which is RHEL 4 Server.
On the NFS Server, in /etc/dfs/, I added following line to dfstab file.
share -F nfs -o rw /var/share
& then ran the following
svcadm -v enable -r... (3 Replies)
Hi,
I am trying to authenticate AIX server against a IDS LDAP instance.
The AIX version is 6.1 and TDS client is 6.1.
I configured the secldapclntd using ldap.cfg file and changed /etc/security/user to set SYSTEM=LDAP, registry=LDAP for one user. Below are the ldap.cfg configurations -
... (5 Replies)
Hi all
I need help with a set of iptables rules that would allow a portion of a bank of ipaddresses acces to only one or two named wbsites.
Please advise
Thank You
Ed (3 Replies)
Discussion started by: wa1ed
3 Replies
9. Post Here to Contact Site Administrators and Moderators
Hello MODs/Admins,
Could you please help me here as from last 6 to 7 days I(and checked with my fellow friends too) am not able to access unix.com site at all. It is very very slow, it never loads completely. Even I checked with different people and different computers it results same only,... (8 Replies)
Discussion started by: RavinderSingh13
8 Replies
LEARN ABOUT MOJAVE
curlopt_proxy_sslcert
CURLOPT_PROXY_SSLCERT(3) curl_easy_setopt options CURLOPT_PROXY_SSLCERT(3)NAME
CURLOPT_PROXY_SSLCERT - set SSL proxy client certificate
SYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLCERT, char *cert);
DESCRIPTION
This option is for connecting to a HTTPS proxy, not a HTTPS server.
Pass a pointer to a zero terminated string as parameter. The string should be the file name of your client certificate used to connect to
the HTTPS proxy. The default format is "P12" on Secure Transport and "PEM" on other engines, and can be changed with CUR-
LOPT_PROXY_SSLCERTTYPE(3).
With NSS or Secure Transport, this can also be the nickname of the certificate you wish to authenticate with as it is named in the security
database. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a
nickname.
When using a client certificate, you most likely also need to provide a private key with CURLOPT_PROXY_SSLKEY(3).
The application does not have to keep the string around after setting this option.
DEFAULT
NULL
PROTOCOLS
Used with HTTPS proxy
EXAMPLE
TODO
AVAILABILITY
Added in 7.52.0
RETURN VALUE
Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.
SEE ALSO CURLOPT_PROXY_SSLCERTTYPE(3), CURLOPT_PROXY_SSLKEY(3), CURLOPT_SSLCERT(3),
libcurl 7.54.0 December 21, 2016 CURLOPT_PROXY_SSLCERT(3)