cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: -k !

From: Ralph Mitchell <rmitchell_at_eds.com>
Date: Thu, 10 Apr 2003 03:07:28 -0500

Jill Tovey wrote:

> Hi everyone
>
> Some of you may remember,
>
> I am at the sensor console for snort
>
> (https://localhost/snortcenter/sensor.php)
>
> and I get the certificate error
>
> (curl: (35) SSL: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed)
>
> Now,
>
> I want to just get rid of this need for a certificate because creating
> them myself and adding them to httpd.conf etc just does not seem to be
> working.
>
> so if i type
>
> curl -k https://localhost/snortcenter/sensor.php
>
> it returns Loading Page...<p><font size="1">Or click <a
> href="login.php">here</a> if page does not change.</font>[root_at_xx bin]#
>
> so that seems to have gone well right?
>
> So why is it, when I return to the sensor.php page, it still shows this
> certificate error??

OK. I think I understand what's happening now. I've just installed the
snortsensor (and friends) on my laptop and everything you've said makes a lot
more sense. Apologies for being a bit thick before...

What you're getting - "Loading Page...<p>...etc" is what your browser would
get if you connected to the sensor.php url. What you're not seeing are the
headers, which include this:

Refresh: 0; url=login.php

Your browser would normally immediately refresh to the new url, which would
be:

https://localhost/snortcenter/login.php

because the refresh url is relative. Curl doesn't do that. Curl is showing
you the web page that a "Refresh challenged" browser would display, with a
link that you'd click on.

So, you need to go through the login sequence:

curl -k https://localhost/snortcenter/login.php

This displays the html for the login screen, which is the same form you'd
normally fill in on the browser.

To login, try this:

curl -k -s -S -b cookies -c cookies -d phpUserLogin_user_name=[admin] -d
phpUserLogin_pw=[password] -d phpUserLogin_login=Login
https://localhost/snortcenter/login.php

That would all be on one line... Replace [admin] and [password] with whatever
you've set.

You ought to get back another "Loading Page..." string, containing
href="sensor.php", plus a couple of cookies. You can immediately turn around
and do this:

curl -k -s -S -b cookies -c cookies
https://localhost/snortcenter/sensor.php

and so on. Don't forget to keep sending those cookies back and forth, or
snortcenter will quit talking to you.

Ralph Mitchell

-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger
for complex code. Debugging C/C++ programs can leave you feeling lost and
disoriented. TotalView can help you find your way. Available on major UNIX
and Linux platforms. Try it free. www.etnus.com
Received on 2003-04-10

This message: [ Message body ]
Next message: Ralph Mitchell: "Re: connect failed"
Previous message: Daniel Stenberg: "Re: -k !"
In reply to: Jill Tovey: "-k !"
Next in thread: Ralph Mitchell: "Re: -k !"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]