cURL / Mailing Lists / curl-users / Single Mail

curl-users

Client Certificate

From: Jochen Vogel <jvogel_at_it-sec.de>
Date: Wed, 10 Jul 2002 15:45:32 +0200

Hi,

i would to get files automatically by curl on a webserver restricted with a
client certificate.

i created my own CA and a Client Certificate.

if i manual try this certificate with the IE it is working.

if i try curl -O -E ./clienta.pem https://webserver/test/file1 i get the
error unable to set public key.

here ist the client certificate:

cat clienta.pem
-----BEGIN CERTIFICATE-----
MIICbTCCAdYCAQgwDQYJKoZIhvcNAQEEBQAwdTELMAkGA1UEBhMCREUxDTALBgNV
BAgUBEJhV/wxDDAKBgNVBAcTA1VsbTEPMA0GA1UEChMGaXQuc2VjMRcwFQYDVQQD
Ew5zdXNlLml0LXNlYy5kZTEfMB0GCSqGSIb3DQEJARYQanZvZ2VsQGl0LXNlYy5k
ZTAeFw0wMjA3MDkxNDM5MjVaFw0wMjA4MDgxNDM5MjVaMIGIMQswCQYDVQQGEwJE
RTENMAsGA1UECBQEQmFX/DEMMAoGA1UEBxMDVWxtMSEwHwYDVQQKExhJbnRlcm5l
dCBXaWRnaXRzIFB0eSBMdGQxGDAWBgNVBAMTD2FsaXRhLml0LXNlYy5kZTEfMB0G
CSqGSIb3DQEJARYQanZvZ2VsQGl0LXNlYy5kZTCBnzANBgkqhkiG9w0BAQEFAAOB
jQAwgYkCgYEAuWsRJpWAmIQF34ffJHnZrtoXjs4lzy31X9XhFSO1i7VqdopOaLjm
UFHnWQKS7MTgLp9U7+b7GT4dfxjZFvm2NwgqncNGJ/x+34COgDh5eWqtXPHEjHNT
CRwgdY7erQlIj/7Vgr8smTXUgh2G2jGWcHjE1jFByd4adz/VVsQFe/sCAwEAATAN
BgkqhkiG9w0BAQQFAAOBgQAnroi2gQQlfBuFdp93xFo11ID3BRL/V0N07y+2hm9e
m3XgZcn4lhgyhYqKHbLLtPtNkall3PYyIkiJPTM4hLwRf0CQLynEOTLScli4r1be
BZU1SwD8SZgpBo9LSS+zjM8je6W4PLMdTo+WrWQQwyuDw6n9zLqy7Hb2aA7oBtEu
sA==
-----END CERTIFICATE-----

openssl x509 -noout -text -in clienta.pem
Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number: 8 (0x8)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=DE, ST=BaW\xFC, L=Ulm, O=it.sec,
CN=suse.it-sec.de/Email=jvogel_at_it-sec.de
        Validity
            Not Before: Jul 9 14:39:25 2002 GMT
            Not After : Aug 8 14:39:25 2002 GMT
        Subject: C=DE, ST=BaW\xFC, L=Ulm, O=Internet Widgits Pty Ltd,
CN=alita.it-sec.de/Email=jvogel_at_it-sec.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:b9:6b:11:26:95:80:98:84:05:df:87:df:24:79:
                    d9:ae:da:17:8e:ce:25:cf:2d:f5:5f:d5:e1:15:23:
                    b5:8b:b5:6a:76:8a:4e:68:b8:e6:50:51:e7:59:02:
                    92:ec:c4:e0:2e:9f:54:ef:e6:fb:19:3e:1d:7f:18:
                    d9:16:f9:b6:37:08:2a:9d:c3:46:27:fc:7e:df:80:
                    8e:80:38:79:79:6a:ad:5c:f1:c4:8c:73:53:09:1c:
                    20:75:8e:de:ad:09:48:8f:fe:d5:82:bf:2c:99:35:
                    d4:82:1d:86:da:31:96:70:78:c4:d6:31:41:c9:de:
                    1a:77:3f:d5:56:c4:05:7b:fb
                Exponent: 65537 (0x10001)
    Signature Algorithm: md5WithRSAEncryption
        27:ae:88:b6:81:04:25:7c:1b:85:76:9f:77:c4:5a:35:d4:80:
        f7:05:12:ff:57:43:74:ef:2f:b6:86:6f:5e:9b:75:e0:65:c9:
        f8:96:18:32:85:8a:8a:1d:b2:cb:b4:fb:4d:91:a9:65:dc:f6:
        32:22:48:89:3d:33:38:84:bc:11:7f:40:90:2f:29:c4:39:32:
        d2:72:58:b8:af:56:de:05:95:35:4b:00:fc:49:98:29:06:8f:
        4b:49:2f:b3:8c:cf:23:7b:a5:b8:3c:b3:1d:4e:8f:96:ad:64:
        10:c3:2b:83:c3:a9:fd:cc:ba:b2:ec:76:f6:68:0e:e8:06:d1:
        2e:b0

thx for help
Jochen

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Two, two, TWO treats in one.
http://thinkgeek.com/sf
Received on 2002-07-10