cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: SSL client authentication

From: Ralph Mitchell <ralphmitchell_at_gmail.com>
Date: Wed, 2 Mar 2005 02:39:06 -0600

There are two separate commands for saving and loading cookies. If
you save cookies (-c filename) in one command line, but don't load
them (-b filename) in the next command line, curl won't have any
cookies to send.

Ralph Mitchell

On Tue, 1 Mar 2005 20:16:01 -0800 (PST), Ankur Agarwal
<aagarwal584_at_yahoo.com> wrote:
> I am accessing a server requiring SSL client authentication.
> I am able to login using my client certificate with curl.
> The problem is when I do a another invoke of curl.
> I have to supply my client certificate with each invoke.
> I wish to authenticate the first time only.
> How can another invoke of curl be instructed to use the same session as the
> first invoke so authentication is not needed for each invoke? I know this
> behavior is possible because a browser user need only authenticate with the
> web server once during a session. Please see curl output below. As an
> observation, I noticed supplying multiple URLs on the command line does not
> require re-authentication. But I would like to use multiple invokes of
> curl.
>
> [root_at_MrA wgcCurl]# curl -E certs/ankurCollaboration.pem --cacert
> certs/ankurCollaborationChain.pem --verbose -L -O --cookie cookiejarWGC
> https://wgc.lockheedm
> artin.com/llservletsupport/global.js --cookie-jar cookiejarWGC
> * About to connect() to wgc.lockheedmartin.com port 443
> * Connected to wgc.lockheedmartin.com (166.21.29.3) port 443
> Enter PEM pass phrase:
> * successfully set certificate verify locations:
> * CAfile: certs/ankurCollaborationChain.pem
> CApath: none
> * SSL connection using RC4-MD5
> * Server certificate:
> * subject: /C=US/ST=Florida/L=Orlando/O=Lockheed Martin/OU=Enterprise
> Information Systems/CN=wgc.lockheedmartin.com
> * start date: 2003-08-08 02:30:17 GMT
> * expire date: 2005-08-07 02:30:17 GMT
> * commo! n name: wgc.lockheedmartin.com (matched)
> * issuer: /C=US/ST=Florida/L=Orlando/O=Lockheed Martin
> Corporation/OU=EIS/CN=Lockheed Martin Corporation US CA1
> * SSL certificate verify ok.
> > GET /llservletsupport/global.js HTTP/1.1
> User-Agent: curl/7.11.1 (i386-redhat-linux-gnu) libcurl/7.11.1
> OpenSSL/0.9.7a ipv6 zlib/1.2.1.1
> Host: wgc.lockheedmartin.com
> Pragma: no-cache
> Accept: */*
> Cookie:
> SMSESSION=q303Hi3/w6vkEx01HTSx+awSEWEyRxLa1n1Ag52qn/FG4T378ep65JUkLLC4eEGZkaHDWE2I0UbRanQDfVNurtJ7huu7z50t9IsciNX28F7+/QL+nKCkwPLYS2sXlm4KePI/OdW4ZOBb6J
> dCMrpUcu+0WHtfjCvGfNs5Bf6ukbom68sxywrCizLFC0nGveXD2GGhd5cemykOAADCrr0Y383LIe9HcX+TX9S+mYpWCr/Dgn6jOzQ9KtXOFNdIQ59qSYu3G1sJ4lAiO0stIX3b+K9YyADdQGQ42dwJnYhsgWYSUM
> yCb9svPNPTQDrw3wtA7XDH5eeQSCkxYpgA+N5rvGJTHMDNGzw67rmpRuLsaDcTWe26i2svXhNK4ftqs/7A0G5qQZbPgVvM5xjPVNMMmlDK+bFSCJ62r+GLn4BZVvlJnkHVyvTGbEvJIJSBO6X72UMVUlZ5fkItgN
> TX5tCNaKpA5j7NLzckQt88S0H0M0W2xuVX86bHf22D8S6xfaNGdlNf0CiMUEVyeFmAjty/9Qj77gWIKEjUgNSWpmuL8cc4wOU0BRl1DFoA1jEwGi7ovTrSpaL806Q5T11S0dyCfpLeghPE0Xol1/2Puz9IINVQ+V
> DuwBQA8nOwsVrBDDuLrvDZvkalMOd7nh+T6M6+Il4h3QdoJb3MIxHQu8k/oGDA03AlSLTm3xkTCkHKB+mPpOfbB4gfEMaHdhXCb0xbKNbYvwVsJiB/4msQAZl6hE7+k8+xL5yxZKry6juXjGDLf/G4a6SAvjAxu+
> fWtvRH73ZZ610dvCyanyJCg48XWYAA9FakaSsxGioSMIdcPito83JrAUHqa+qXNrDveX9KYn8JknzshzArAn58YrDeQgw63QVW/z4c/AsBORa+X8tNJFjndEvzl8aCb1xPJnJJ4AXAqtUcGCdlZFfbMKwXoLbKu4
> T07RLs5C0Xje! 2qGioQ2pr
> Bh0tMIcxkGKbMZVlro2740IfvLHdG6RUWLE1KcQ3dO+/6gzzhNg==
> % Total % Received % Xferd Average Speed Time
> Curr.
> Dload Upload Total Current Left
> Speed
> 0 0 0 0 0 0 0 0 --:--:-- 0:00:16 --:--:--
> 0< HTTP/1.1 200 OK
> < Server: Sun-ONE-Web-Server/6.1
> < Date: Wed, 02 Mar 2005 04:07:32 GMT
> < Content-length: 4292
> * Replaced cookie
> SMSESSION="x0z1ZW3nN1ZtdY87pDgkFW0fgZQ3XE9XLz0fhK06efCQGuVKi/KaKgDXCUhFdUEsBRZLGe+XGhnvRsaoo8loEfTHHbP99CtL0D7ISDoIjYpQcVz5OCrYl7tNkL9boKFNIwy
> va96XDlnlKlR4yMed+TuFJ1gjVuDBTgJjqDT9hS+ZNuhrorMqXjuZ02X6sGCL2h5d1OEU4+w6vmhjT7tI5lIKBszrMPu9TKzPNA6Uf6ysfTcdipcPh8Ti4Jj/+/mrzJjTvHJ07be+2eC5rD/f3UqKsWAvO8r7sw9
> ZaGSUzCIMbngnPHFRIvS+bqkdNN6VZklfbXTrDmpYLMMjzNelthL+UujX3+VXrQgbym1eoRjvaj7hC9pottTCMtUSaY6B8Np1SPkMEhUdwS3Eb2v0KV6XGcQdrIsEXiPV6+vksSZED/X8190Ffu4Aw/NIirTLxi4
> 1x8O8fP/CjL05lQS0h1kdehKRchG0zQsvgbAA2rb2LL3RYAaHmy9SbqYujnVdRScTVRPwSMTh4hDOI8H+Jela7WWD71uDJJI5L5rbyvFbkBngTQNyMGxRN+Rc3rm3MI48fvmQE7UTDpIyaGZZoY3n34WgTqr83s9
> /+KPY2z3dKv76+yubGRRuMhmhTplL6zeTFJiMTylWW6KHuSLSwVubohcIKmZWFIG5EAHZkcBZ1H5GhPEp34dfkHpcsOSivTGN8QgDeX8O8vNMVCRsx78BhYKCvJ4/wx9nhQIk+3F/8gb2ezgjtC7Oxkbguxf3r4o
> SesmOUCXwy4/mAOvksJ/WeiZF92wqwJs2qqEfCxiRc0HZqKpuygIdO/I7RRS36UMTW30Q0T86qe2xpXayRelWkxGXELkPtI+Mgdl9rlVn7iDNINqYC+tI3jqYzLYRcXC7qbQ6V1b0XDUnzrRNN08snWMDC5GSHNZ
> xfPrrtpMS3X56rSWgjpLSp! RhzJP7rZa ta0mQ4fJ+V5pP/3KpQ6AJOHJkWGGFPjw4Z<
> Set-Cookie:
> SMSESSION=x0z1ZW3nN1ZtdY87pDgkFW0fgZQ3XE9XLz0fhK06efCQGuVKi/KaKgDXCUhFdUEsBRZLGe+
> XGhnvRsaoo8loEfTHHbP99CtL0D7ISDoIjYpQcVz5OCrYl7tNkL9boKFNIwyva96XDlnlKlR4yMed+TuFJ1gjVuDBTgJjqDT9hS+ZNuhrorMqXjuZ02X6sGCL2h5d1OEU4+w6vmhjT7tI5lIKBszrMPu9TKzPNA6
> Uf6ysfTcdipcPh8Ti4Jj/+/mrzJjTvHJ07be+2eC5rD/f3UqKsWAvO8r7sw9ZaGSUzCIMbngnPHFRIvS+bqkdNN6VZklfbXTrDmpYLMMjzNelthL+UujX3+VXrQgbym1eoRjvaj7hC9pottTCMtUSaY6B8Np1SPk
> MEhUdwS3Eb2v0KV6XGcQdrIsEXiPV6+vksSZED/X8190Ffu4Aw/NIirTLxi41x8O8fP/CjL05lQS0h1kdehKRchG0zQsvgbAA2rb2LL3RYAaHmy9SbqYujnVdRScTVRPwSMTh4hDOI8H+Jela7WWD71uDJJI5L5r
> byvFbkBngTQNyMGxRN+Rc3rm3MI48fvmQE7UTDpIyaGZZoY3n34WgTqr83s9/+KPY2z3dKv76+yubGRRuMhmhTplL6zeTFJiMTylWW6KHuSLSwVubohcIKmZWFIG5EAHZkcBZ1H5GhPEp34dfkHpcsOSivTGN8Qg
> DeX8O8vNMVCRsx78BhYKCvJ4/wx9nhQIk+3F/8gb2ezgjtC7Oxkbguxf3r4oSesmOUCXwy4/mAOvksJ/WeiZF92wqwJs2qqEfCxiRc0HZqKpuygIdO/I7RRS36UMTW30Q0T86qe2xpXayRelWkxGXELkPtI+Mgdl
> 9rlVn7iDNINqYC+tI3jqYzLYRcXC7qbQ6V1b0XDUnzrRNN08snWMDC5GSHNZxfPrrtpMS3X56rSWgjpLSpR!
> hzJP7rZat a0mQ4fJ+V5pP/3KpQ6AJOHJkWGGFPjw4Zk9lg+WkMQu2ztWM5MQ==; path=/;
> domai
> n=.lockheedmartin.com
> * Replaced cookie SMCHALLENGE="" for domain lockheedmartin.com, path /,
> expire 1094184451
> < Set-Cookie: SMCHALLENGE=; path=/; expires=Fri, 03 Sep 2004 04:07:31 GMT;
> domain=.lockheedmartin.com
> < Last-Modified: Fri, 25 Feb 2005 04:40:44 GMT
> < Accept-Ranges: bytes
> 100 4292 100 4292 0 0 266 0 0:00:16 0:00:16 0:00:00
> 182k
> * Connection #0 left intact
> * Closing connection #0
>
>
>
>
> ________________________________
> Do you Yahoo!?
> Read only the mail you want - Yahoo! Mail SpamGuard.
>
>
Received on 2005-03-02