cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL client authentication

From: Seshubabu Pasam <pasam_at_seshubabu.com>
Date: Wed, 02 Mar 2005 00:34:48 -0800

You can't do that using command line curl, other than the way you mentioned (multiple URLs on command - if it is supported).

You can use the libCurl API to write your own command line tool and do this, if you want. You can re-use the curl handle as many times as you want.

Regards
-Seshubabu Pasam

Ankur Agarwal wrote:

I am accessing a server requiring SSL client authentication.

I am able to login using my client certificate with curl.

The problem is when I do a another invoke of curl.

I have to supply my client certificate with each invoke.

I wish to authenticate the first time only.

How can another invoke of curl be instructed to use the same session as the first invoke so authentication is not needed for each invoke? I know this behavior is possible because a browser user need only authenticate with the web server once during a session. Please see curl output below. As an observation, I noticed supplying multiple URLs on the command line does not require re-authentication. But I would like to use multiple invokes of curl.

[root@MrA wgcCurl]# curl -E certs/ankurCollaboration.pem --cacert certs/ankurCollaborationChain.pem --verbose -L -O --cookie cookiejarWGC https://wgc.lockheedm
artin.com/llservletsupport/global.js --cookie-jar cookiejarWGC
* About to connect() to wgc.lockheedmartin.com port 443
* Connected to wgc.lockheedmartin.com (166.21.29.3) port 443
Enter PEM pass phrase:
* successfully set certificate verify locations:
*   CAfile: certs/ankurCollaborationChain.pem
CApath: none
* SSL connection using RC4-MD5
* Server certificate:
*        subject: /C=US/ST=Florida/L=Orlando/O=Lockheed Martin/OU=Enterprise Information Systems/CN=wgc.lockheedmartin.com
*        start date: 2003-08-08 02:30:17 GMT
*        expire date: 2005-08-07 02:30:17 GMT
*        commo! n name: wgc.lockheedmartin.com (matched)
*        issuer: /C=US/ST=Florida/L=Orlando/O=Lockheed Martin Corporation/OU=EIS/CN=Lockheed Martin Corporation US CA1
* SSL certificate verify ok.
> GET /llservletsupport/global.js HTTP/1.1
User-Agent: curl/7.11.1 (i386-redhat-linux-gnu) libcurl/7.11.1 OpenSSL/0.9.7a ipv6 zlib/1.2.1.1
Host: wgc.lockheedmartin.com
Pragma: no-cache
Accept: */*
Cookie: SMSESSION=q303Hi3/w6vkEx01HTSx+awSEWEyRxLa1n1Ag52qn/FG4T378ep65JUkLLC4eEGZkaHDWE2I0UbRanQDfVNurtJ7huu7z50t9IsciNX28F7+/QL+nKCkwPLYS2sXlm4KePI/OdW4ZOBb6J
dCMrpUcu+0WHtfjCvGfNs5Bf6ukbom68sxywrCizLFC0nGveXD2GGhd5cemykOAADCrr0Y383LIe9HcX+TX9S+mYpWCr/Dgn6jOzQ9KtXOFNdIQ59qSYu3G1sJ4lAiO0stIX3b+K9YyADdQGQ42dwJnYhsgWYSUM
yCb9svPNPTQDrw3wtA7XDH5eeQSCkxYpgA+N5rvGJTHMDNGzw67rmpRuLsaDcTWe26i2svXhNK4ftqs/7A0G5qQZbPgVvM5xjPVNMMmlDK+bFSCJ62r+GLn4BZVvlJnkHVyvTGbEvJIJSBO6X72UMVUlZ5fkItgN
TX5tCNaKpA5j7NLzckQt88S0H0M0W2xuVX86bHf22D8S6xfaNGdlNf0CiMUEVyeFmAjty/9Qj77gWIKEjUgNSWpmuL8cc4wOU0BRl1DFoA1jEwGi7ovTrSpaL806Q5T11S0dyCfpLeghPE0Xol1/2Puz9IINVQ+V
DuwBQA8nOwsVrBDDuLrvDZvkalMOd7nh+T6M6+Il4h3QdoJb3MIxHQu8k/oGDA03AlSLTm3xkTCkHKB+mPpOfbB4gfEMaHdhXCb0xbKNbYvwVsJiB/4msQAZl6hE7+k8+xL5yxZKry6juXjGDLf/G4a6SAvjAxu+
fWtvRH73ZZ610dvCyanyJCg48XWYAA9FakaSsxGioSMIdcPito83JrAUHqa+qXNrDveX9KYn8JknzshzArAn58YrDeQgw63QVW/z4c/AsBORa+X8tNJFjndEvzl8aCb1xPJnJJ4AXAqtUcGCdlZFfbMKwXoLbKu4
T07RLs5C0Xje! 2qGioQ2pr Bh0tMIcxkGKbMZVlro2740IfvLHdG6RUWLE1KcQ3dO+/6gzzhNg==

% Total    % Received % Xferd Average Speed          Time             Curr.
                                 Dload Upload Total    Current Left    Speed
0     0    0     0    0     0      0      0 --:--:-- 0:00:16 --:--:--     0< HTTP/1.1 200 OK
< Server: Sun-ONE-Web-Server/6.1
< Date: Wed, 02 Mar 2005 04:07:32 GMT
< Content-length: 4292
* Replaced cookie SMSESSION="x0z1ZW3nN1ZtdY87pDgkFW0fgZQ3XE9XLz0fhK06efCQGuVKi/KaKgDXCUhFdUEsBRZLGe+XGhnvRsaoo8loEfTHHbP99CtL0D7ISDoIjYpQcVz5OCrYl7tNkL9boKFNIwy
va96XDlnlKlR4yMed+TuFJ1gjVuDBTgJjqDT9hS+ZNuhrorMqXjuZ02X6sGCL2h5d1OEU4+w6vmhjT7tI5lIKBszrMPu9TKzPNA6Uf6ysfTcdipcPh8Ti4Jj/+/mrzJjTvHJ07be+2eC5rD/f3UqKsWAvO8r7sw9
ZaGSUzCIMbngnPHFRIvS+bqkdNN6VZklfbXTrDmpYLMMjzNelthL+UujX3+VXrQgbym1eoRjvaj7hC9pottTCMtUSaY6B8Np1SPkMEhUdwS3Eb2v0KV6XGcQdrIsEXiPV6+vksSZED/X8190Ffu4Aw/NIirTLxi4
1x8O8fP/CjL05lQS0h1kdehKRchG0zQsvgbAA2rb2LL3RYAaHmy9SbqYujnVdRScTVRPwSMTh4hDOI8H+Jela7WWD71uDJJI5L5rbyvFbkBngTQNyMGxRN+Rc3rm3MI48fvmQE7UTDpIyaGZZoY3n34WgTqr83s9
/+KPY2z3dKv76+yubGRRuMhmhTplL6zeTFJiMTylWW6KHuSLSwVubohcIKmZWFIG5EAHZkcBZ1H5GhPEp34dfkHpcsOSivTGN8QgDeX8O8vNMVCRsx78BhYKCvJ4/wx9nhQIk+3F/8gb2ezgjtC7Oxkbguxf3r4o
SesmOUCXwy4/mAOvksJ/WeiZF92wqwJs2qqEfCxiRc0HZqKpuygIdO/I7RRS36UMTW30Q0T86qe2xpXayRelWkxGXELkPtI+Mgdl9rlVn7iDNINqYC+tI3jqYzLYRcXC7qbQ6V1b0XDUnzrRNN08snWMDC5GSHNZ
xfPrrtpMS3X56rSWgjpLSp! RhzJP7rZa ta0mQ4fJ+V5pP/3KpQ6AJOHJkWGGFPjw4Z< Set-Cookie: SMSESSION=x0z1ZW3nN1ZtdY87pDgkFW0fgZQ3XE9XLz0fhK06efCQGuVKi/KaKgDXCUhFdUEsBRZLGe+
XGhnvRsaoo8loEfTHHbP99CtL0D7ISDoIjYpQcVz5OCrYl7tNkL9boKFNIwyva96XDlnlKlR4yMed+TuFJ1gjVuDBTgJjqDT9hS+ZNuhrorMqXjuZ02X6sGCL2h5d1OEU4+w6vmhjT7tI5lIKBszrMPu9TKzPNA6
Uf6ysfTcdipcPh8Ti4Jj/+/mrzJjTvHJ07be+2eC5rD/f3UqKsWAvO8r7sw9ZaGSUzCIMbngnPHFRIvS+bqkdNN6VZklfbXTrDmpYLMMjzNelthL+UujX3+VXrQgbym1eoRjvaj7hC9pottTCMtUSaY6B8Np1SPk
MEhUdwS3Eb2v0KV6XGcQdrIsEXiPV6+vksSZED/X8190Ffu4Aw/NIirTLxi41x8O8fP/CjL05lQS0h1kdehKRchG0zQsvgbAA2rb2LL3RYAaHmy9SbqYujnVdRScTVRPwSMTh4hDOI8H+Jela7WWD71uDJJI5L5r
byvFbkBngTQNyMGxRN+Rc3rm3MI48fvmQE7UTDpIyaGZZoY3n34WgTqr83s9/+KPY2z3dKv76+yubGRRuMhmhTplL6zeTFJiMTylWW6KHuSLSwVubohcIKmZWFIG5EAHZkcBZ1H5GhPEp34dfkHpcsOSivTGN8Qg
DeX8O8vNMVCRsx78BhYKCvJ4/wx9nhQIk+3F/8gb2ezgjtC7Oxkbguxf3r4oSesmOUCXwy4/mAOvksJ/WeiZF92wqwJs2qqEfCxiRc0HZqKpuygIdO/I7RRS36UMTW30Q0T86qe2xpXayRelWkxGXELkPtI+Mgdl
9rlVn7iDNINqYC+tI3jqYzLYRcXC7qbQ6V1b0XDUnzrRNN08snWMDC5GSHNZxfPrrtpMS3X56rSWgjpLSpR! hzJP7rZat a0mQ4fJ+V5pP/3KpQ6AJOHJkWGGFPjw4Zk9lg+WkMQu2ztWM5MQ==; path=/; domai
n=.lockheedmartin.com
* Replaced cookie SMCHALLENGE="" for domain lockheedmartin.com, path /, expire 1094184451
< Set-Cookie: SMCHALLENGE=; path=/; expires=Fri, 03 Sep 2004 04:07:31 GMT; domain=.lockheedmartin.com
< Last-Modified: Fri, 25 Feb 2005 04:40:44 GMT
< Accept-Ranges: bytes
100 4292 100 4292    0     0    266      0 0:00:16 0:00:16 0:00:00 182k
* Connection #0 left intact
* Closing connection #0

Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.

text/x-vcard attachment: pasam.vcf

Received on 2005-03-02

This message: [ Message body ]
Next message: Andrei Tarassov: "RE: Segfault with Purify when running an applicationthat useslibcurl"
Previous message: Seshubabu Pasam: "Re: need help"
In reply to: Ankur Agarwal: "SSL client authentication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]