cURL / Mailing Lists / curl-users / Single Mail

curl-users

HTTPS - Authorization with a client's certificate!

From: Roman Florinskiy <rflorinskiy_at_tedis.com.au>
Date: Wed, 19 Feb 2003 16:55:19 +1100

I'm trying to use curl in HTTPS connection using client authentication,
and met some difficulties in it.

Configuration:

 

curl 7.9.1 (sparc-sun-solaris2.6) libcurl 7.9.1 (OpenSSL 0.9.6b)

 

I have followed all instructions, written on the web site
http://curl.haxx.se <http://curl.haxx.se/>

 

As it written the main command was:

 

curl -v -E my_cert.pem [url]

 

it refuses to connect with a following error:

 

curl: (35) SSL: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert
unknown ca

 

The most interesting thing is when I use this client certificate from
MSIE browser, everything is fine and I have access to the web server.

 

I tried to use -2 and -3 option to define version of the SSL protocol,
but it doesn't help. I receeive the following error:

 

curl: (35) SSL: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer
error

 

Also I tried to use such options as -cacert and -capath. It refused to
take option - capath at all and with - cacert it was no result.

 

The only thought came to my mind, that this certificate was transferred
from pkcs12 to PEM format inaccurate, but a did exactly the described
way:

 

openssl pkcs12 -in my_cert.pfx -clcerts -out my_cert.pem

 

I'm stuck with it.

If you have any Ideas, please give me advice.

 

Thanks in advance.

 

Roman Florinskiy

 

rflorinskiy_at_tedis.com.au

 

-------------------------------------------------------
This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
The most comprehensive and flexible code editor you can use.
Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial.
www.slickedit.com/sourceforge
Received on 2003-02-19