05-25-2011
Well I tried without specifying the SSLCERTPASSWORD also, faced the same result...
---------- Post updated at 09:57 AM ---------- Previous update was at 09:30 AM ----------
Here is proof that the private key and the certificate correspond to each other:
[debugbld@nagara ~/curlm]$ openssl x509 -noout -modulus -in clientCert.pem | openssl md5
d7207cf82b771251471672dd54c59927
[debugbld@nagara ~/curlm]$ openssl rsa -noout -modulus -in privateKey.pem | openssl md5
Enter pass phrase for privateKey.pem:
d7207cf82b771251471672dd54c59927
So why can't it work?
---------- Post updated at 10:07 AM ---------- Previous update was at 09:57 AM ----------
I'm facing the same result with the command line curl when I tried with the client certificate and private key concatenated:
curl --cert concatenatedCert.pem --cert-type PEM --cacert cabundle.crt https://inaveo:8775/DataIntegrationService/WebService/WS_test/
Enter PEM pass phrase:
curl: (58) unable to set private key file: 'concatenatedCert.pem' type PEM
9 More Discussions You Might Find Interesting
1. IP Networking
Setup a site to site VPN between two cisco routers.
One of the site locations is unable to access ports such as https://example.com:9001
How do I let them go into port 9001?
They can ssh, ftp, telnet and everything else.
Is this a VPN issue or ACL access issue?
I put
permit ip host... (0 Replies)
Discussion started by: photon
0 Replies
2. Shell Programming and Scripting
Hi there
I am currently trying to access an http site using the wget utility from a solaris box. I am going through proxies to do this and we have two types of proxies.
For the first one, which is a netcache proxy, I am able to use the wget command to export the proxy information
export... (2 Replies)
Discussion started by: memonks
2 Replies
3. Web Development
hi,
I am using sunone 7.0 webserver. The webserver instance is configured for https and i want to do client authentication for specific resources. I dont want to do any client authentication for the other resources.
I was able to do a complete client auth for my webserver but unable to do... (0 Replies)
Discussion started by: pcs.abhishek
0 Replies
4. Red Hat
Hi All,
I am a newb in this forums. I am a Linux admin and I hope I will get the solution here.
In my company I have setup AD and I can authenticate the windows machines using this AD, also able to apply policy.
Now I have installed some Linux machines but I can't able to authenticate via... (6 Replies)
Discussion started by: sahabcse
6 Replies
5. HP-UX
I ve a client : <clientname> and a server: <servername>
Both of them running: HPUX B.11.31
SERVER outputs:
I ve shared a folder in <servername> called /test and the O/P for
# exportfs
- /test root=<clientname>,rw=<clientname>,ro ""
# showmount -e
export list for... (6 Replies)
Discussion started by: Amit Kulkarni
6 Replies
6. Red Hat
Hi,
I am trying to access a NFS shared directory on Solaris 10 Server from a client which is RHEL 4 Server.
On the NFS Server, in /etc/dfs/, I added following line to dfstab file.
share -F nfs -o rw /var/share
& then ran the following
svcadm -v enable -r... (3 Replies)
Discussion started by: SunilB2011
3 Replies
7. AIX
Hi,
I am trying to authenticate AIX server against a IDS LDAP instance.
The AIX version is 6.1 and TDS client is 6.1.
I configured the secldapclntd using ldap.cfg file and changed /etc/security/user to set SYSTEM=LDAP, registry=LDAP for one user. Below are the ldap.cfg configurations -
... (5 Replies)
Discussion started by: vs1
5 Replies
8. IP Networking
Hi all
I need help with a set of iptables rules that would allow a portion of a bank of ipaddresses acces to only one or two named wbsites.
Please advise
Thank You
Ed (3 Replies)
Discussion started by: wa1ed
3 Replies
9. Post Here to Contact Site Administrators and Moderators
Hello MODs/Admins,
Could you please help me here as from last 6 to 7 days I(and checked with my fellow friends too) am not able to access unix.com site at all. It is very very slow, it never loads completely. Even I checked with different people and different computers it results same only,... (8 Replies)
Discussion started by: RavinderSingh13
8 Replies
LEARN ABOUT CENTOS
pkcsicsf
PKCSICSF(1) openCryptoki PKCSICSF(1)
NAME
pkcsicsf - configuration utility for the ICSF token
SYNOPSIS
pkcsicsf [-h] [-l|-a token name] [-b BINDDN] [-c client-cert-file] [-C CA-cert-file] [-k privatekey] [-m mechanism] [-u URI]
DESCRIPTION
The pkcsicsf utility lists available ICSF tokens and allows user to add one specific ICSF token to opencryptoki.
The ICSF token must be added first to opencryptoki. This creates an entry in the opencryptoki.conf file for the ICSF token. It also creates
a token_name.conf configuration file in the same directory as the opencryptoki.conf file, containing ICSF specific information. This
information is read by the ICSF token.
The ICSF token must bind and authenticate to an LDAP server. The supported authentication mechanisms are simple and sasl. One of these
mechanisms must be entered when listing the available ICSF tokens or when adding an ICSF token. Opencryptoki currently supports adding only
one ICSF token.
The system admin can either allow the ldap calls to utilize exisiting ldap configs, such as ldap.conf or .ldaprc for bind and authentica-
tion information or set the bind and authentication information within opencryptoki by using this utility and its options. The information
will then be placed in the token_name.conf file to be used in the ldap calls. When using simple authentication, the user will be prompted
for the racf password when listing or adding a token.
OPTIONS
-a token name
add the specified ICSF token to opencryptoki.
-b BINDND the distinguish name to bind when using simple authentication
-c client-cert-file
the client certificate file when using SASL authentication
-C CA-cert-file
the CA certificate file when using SASL authentication
-h show usage information
-k privatekey
the client private key file when using SASL authentication
-m mechanism
the authentication mechanism to use when binding to the LDAP server (this should be either simple or sasl)
-l list available ICSF tokens
-h show usage information
FILES
/etc/opencryptoki/opencryptoki.conf
the opencryptoki config file containing token configuration information
/etc/opencryptoki/token_name.conf
contains ICSF configuration information for the ICSF token
SEE ALSO
opencryptoki(7),
pkcsslotd(8).
pkcsconf(8).
3.0 April 2013 PKCSICSF(1)