curl-users
RE: [Fwd: can't use a client cert with curl]
Date: Wed, 18 Apr 2007 14:41:19 +0200
For me it seems to be a x509 certificate, but i'm not an expert in certificates formats.
The certificate is .cer text format that start with "-----BEGIN CERTIFICATE-----" and end with "-----END CERTIFICATE-----"
When i run "openssl x509 -in mycert.crt -text" i obtain that:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a4:39:7b:79:9d:f3:1e:31:8e:ef:52:e1:a0:65:02:60
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
Validity
Not Before: Apr 17 00:00:00 2007 GMT
Not After : Apr 16 23:59:59 2008 GMT
Subject: C=XX/2.5.4.17=97285, ST=XXXXX, L=XXXX/2.5.4.9=xxxxx, OU=RESOT, OU=Comodo InstantSSL, CN=XXXXX
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:d0:45:4b:0c:56:2a:ec:e1:fa:09:a2:c4:18:3b:
<snip>
ba:2f:3d:f5:12:55:ee:52:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
X509v3 Subject Key Identifier:
A6:E0:04:CA:EB:90:26:3B:5E:F7:40:60:40:84:49:70:00:C6:9D:F4
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Netscape Cert Type:
SSL Client, SSL Server
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.1.3.4
CPS: https://secure.comodo.net/CPS
X509v3 CRL Distribution Points:
URI:http://crl.comodoca.com/UTN-USERFirst-Hardware.crl
URI:http://crl.comodo.net/UTN-USERFirst-Hardware.crl
Authority Information Access:
CA Issuers - URI:http://crt.comodoca.com/UTNAddTrustServerCA.crt
CA Issuers - URI:http://crt.comodo.net/UTNAddTrustServerCA.crt
Signature Algorithm: sha1WithRSAEncryption
2b:bc:5a:bd:ac:22:dc:a9:d1:75:54:a6:8d:9b:b3:48:1c:06:
<snip>
c1:bf:7b:9a
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIRAKQ5e3md8x7dju9S4aBlAmAwDQYJKoZIhvcNAQEFBQAw
<snip>
UPpDy/9l7BTBv3ua
-----END CERTIFICATE-----
-----Message d'origine-----
De : curl-users-bounces_at_cool.haxx.se [mailto:curl-users-bounces_at_cool.haxx.se] De la part de Peter Sylvester
Envoyé : mercredi 18 avril 2007 14:16
À : the curl tool
Objet : Re: [Fwd: can't use a client cert with curl]
So what do you import? A file in which format? If you havce a p12/pfx?
if so use openssl pkcs12 -
Frédéric Léger wrote:
> Ok, thanks a lot.
>
> Why i can't uderstand is why when i install the certificate in IE or firefox, it work like a charm...
> Any clue ?
>
> Regards
>
>
> -----Message d'origine-----
> De : curl-users-bounces_at_cool.haxx.se
> [mailto:curl-users-bounces_at_cool.haxx.se] De la part de Peter Sylvester
> Envoyé : mercredi 18 avril 2007 13:09 À : the curl tool Objet : Re:
> [Fwd: can't use a client cert with curl]
>
>
> Using a client certificate means that you use a private key and a certificate, it is an abuse of language.
>
> So you need to get YOUR private key, this can be in different formats, ask you partner. Depening onj the format, you can then either use it directly or transform it with openssl.
>
>
>
Received on 2007-04-18