cURL / Mailing Lists / curl-users / Single Mail


Re: How to use .pfx in certificate store in CURL via SSL from Windows 7

From: Ralph Mitchell <>
Date: Thu, 5 Mar 2015 17:01:25 -0500

On Wed, Mar 4, 2015 at 7:01 PM, Brendan White <
> wrote:

> Friends
> I want to use cURL to access a remote server, and I need to identify
> myself using a private key, otherwise the remote server gives a 401
> "Unauthorized".
> I'm on Windows 7 (work machine, not my choice) and my private key is
> installed on my computer. I'm not permitted to access it directly, but I'm
> confident it's installed in the certificate store correctly. So I want to
> specify the *public* key in the cURL command, and let the operating system
> work out which private key to use.
> I've given the public key to the remote server, and they've accepted it
> and installed it.
> So I'm doing this:
> curl --verbose --cert "my-public-cert.pem"
...but it's not working, I'm getting a 58 error:
> * Trying
> * Connected to ( port 443 (#0)
> * unable to use client certificate (no key found or wrong pass
> phrase?)
> * Closing connection 0
> curl: (58) unable to use client certificate (no key found or wrong
> pass phrase?)
> Am I doing something wrong? Is there a way to send a cURL request over
> SSL, if I can't access the private key directly but the operating system
> has the private key installed? Or is this just impossible?

The man page for curl says you can either add the private key to the file
with the public certificate, or you can specify the private key file with
the --key option

     curl --verbose --cert "my-public-cert.pem" --key my-private-key.pem

If the key is not in the cert file, that'll be why the error message says
"no key found"

Ralph Mitchell

List admin:
Received on 2015-03-05