cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: How to use .pfx in certificate store in CURL via SSL from Windows 7

From: Ralph Mitchell <ralphmitchell_at_gmail.com>
Date: Thu, 5 Mar 2015 17:01:25 -0500

On Wed, Mar 4, 2015 at 7:01 PM, Brendan White <brendan.white_at_flinders.edu.au
> wrote:

> Friends
>
> I want to use cURL to access a remote server, and I need to identify
> myself using a private key, otherwise the remote server gives a 401
> "Unauthorized".
>
> I'm on Windows 7 (work machine, not my choice) and my private key is
> installed on my computer. I'm not permitted to access it directly, but I'm
> confident it's installed in the certificate store correctly. So I want to
> specify the *public* key in the cURL command, and let the operating system
> work out which private key to use.
>
> I've given the public key to the remote server, and they've accepted it
> and installed it.
>
> So I'm doing this:
>
> curl --verbose --cert "my-public-cert.pem"
> https://secure.server.com/path
>
...but it's not working, I'm getting a 58 error:
>
> * Trying 12.34.56.78...
> * Connected to secure.server.com (12.34.56.78) port 443 (#0)
> * unable to use client certificate (no key found or wrong pass
> phrase?)
> * Closing connection 0
> curl: (58) unable to use client certificate (no key found or wrong
> pass phrase?)
>
> Am I doing something wrong? Is there a way to send a cURL request over
> SSL, if I can't access the private key directly but the operating system
> has the private key installed? Or is this just impossible?
>
>

The man page for curl says you can either add the private key to the file
with the public certificate, or you can specify the private key file with
the --key option

     curl --verbose --cert "my-public-cert.pem" --key my-private-key.pem
https://secure.server.com/path

If the key is not in the cert file, that'll be why the error message says
"no key found"

Ralph Mitchell

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-03-05