Unable to use libcurl to access a site requiring client authentication
I’m using the below snippet for setting the certificate and key for client authentication.
The certificate doesn’t have a password, I don’t know why on earth the option SSLCERTPASSWD exists, I just provided a dummy value. When I run the program on Linux I get an error code of 58 and an error message
unable to set private key file: 'privateKey.pem' type PEM
On Windows however I get
unable to use client certificate (no key found or wrong pass phrase?)
It seems to suggest the certificate and the key don’t match but I don’t know how. I have extracted both the cert and the key from a p12 file using openssl commands. The command I used to extract the key is
openssl.exe pkcs12 -in client.p12 -nocerts -out privateKey.pem
and the command used to extract the cert is
openssl.exe pkcs12 -in client.p12 -nokeys -out clientCert.pem
The p12 file has been successfully used in a browser to access the client authentication url. Please help before I shoot myself.
Last edited by old_as_a_fossil; 05-25-2011 at 11:32 AM..
Well I tried without specifying the SSLCERTPASSWORD also, faced the same result...
---------- Post updated at 09:57 AM ---------- Previous update was at 09:30 AM ----------
Here is proof that the private key and the certificate correspond to each other:
[debugbld@nagara ~/curlm]$ openssl x509 -noout -modulus -in clientCert.pem | openssl md5
d7207cf82b771251471672dd54c59927
[debugbld@nagara ~/curlm]$ openssl rsa -noout -modulus -in privateKey.pem | openssl md5
Enter pass phrase for privateKey.pem:
d7207cf82b771251471672dd54c59927
So why can't it work?
---------- Post updated at 10:07 AM ---------- Previous update was at 09:57 AM ----------
I'm facing the same result with the command line curl when I tried with the client certificate and private key concatenated:
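Added example, not part of the original post and not libcurl's own code: a small check that reports whether a PEM file such as privateKey.pem holds an encrypted private key, which is the condition behind the "Enter pass phrase" prompt in the openssl rsa run above. The names classify_pem_key, pem_key_state and SAMPLE_EXPORT are hypothetical, and the sample PEM text is constructed with a shortened body.

```c
#include <stdio.h>
#include <string.h>

typedef enum { PEM_NO_KEY, PEM_KEY_PLAIN, PEM_KEY_ENCRYPTED } pem_key_state;

/* Constructed sample: shape of `openssl pkcs12 -nocerts` output when no
   -nodes is given (base64 body shortened, not a real key). */
static const char SAMPLE_EXPORT[] =
    "Bag Attributes\n    friendlyName: client\n"
    "-----BEGIN ENCRYPTED PRIVATE KEY-----\nMIIFDjBABgkq\n"
    "-----END ENCRYPTED PRIVATE KEY-----\n";

/* Classify the first private-key block in PEM text (hypothetical helper). */
pem_key_state classify_pem_key(const char *pem)
{
    const char *p = pem;
    while ((p = strstr(p, "-----BEGIN ")) != NULL) {
        const char *label = p + 11;               /* text after "-----BEGIN " */
        const char *end = strstr(label, "-----"); /* closing dashes of the line */
        if (end == NULL)
            break;
        size_t n = (size_t)(end - label);
        if (n >= 11 && strncmp(end - 11, "PRIVATE KEY", 11) == 0) {
            /* PKCS#8: encryption is named in the label itself. */
            if (n == 21 && strncmp(label, "ENCRYPTED PRIVATE KEY", 21) == 0)
                return PEM_KEY_ENCRYPTED;
            /* Traditional RSA/EC/DSA form: an RFC 1421 header follows BEGIN. */
            const char *body = end + 5;
            while (*body == '\r' || *body == '\n')
                body++;
            if (strncmp(body, "Proc-Type: 4,ENCRYPTED", 22) == 0)
                return PEM_KEY_ENCRYPTED;
            return PEM_KEY_PLAIN;
        }
        p = end + 5;                              /* certificate etc.: keep scanning */
    }
    return PEM_NO_KEY;
}

int main(void)
{
    static const char *msg[] = {
        "no private key in file",
        "key is unencrypted: no pass phrase needed",
        "key is encrypted: libcurl needs its pass phrase (CURLOPT_KEYPASSWD)"
    };
    printf("%s\n", msg[classify_pem_key(SAMPLE_EXPORT)]);
    return 0;
}
```

CURLOPT_KEYPASSWD is the current libcurl name for the option the post calls SSLCERTPASSWD; the pass phrase it carries protects the private key, not the certificate.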