Pa1
2011-09-26 14:06:48 UTC
Hi,
I'm using libcurl - 7.15.1 & OpenSSL - 0.9.7 on Win32 machine trying for
client two way authentication.
I'm using the below snipped for setting the certificate and key for client
authentication.
curl_easy_setopt(curl,CURLOPT_SSLCERT,"clientCert.pem");
curl_easy_setopt(curl,CURLOPT_SSLCERTPASSWD,"changeit");
curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM");
curl_easy_setopt(curl,CURLOPT_SSLKEY,"privateKey.pem");
curl_easy_setopt(curl,CURLOPT_SSLKEYPASSWD,"changeit");
curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,"PEM");
certificate doesn't have password, still I'm giving same private key passwd
to that.
I keep getting following error persistantly ...
*err unable to set private key file: 'C:\privateKey.pem' type PEM*
-------------
I've generated these client Certificate & private key file using following
commands.
openssl.exe pkcs12 -in client.p12 -nocerts -out privateKey.pem
with PEM passwd.
openssl.exe pkcs12 -in client.p12 -nokeys -out clientCert.pem
That client.p12 works well with the browser.
-------
And verified both these cert & pvt key files with following commands.
openssl x509 -noout -modulus -in clientCert.pem | openssl md5
d7207cf82b771251471672dd54c59927
openssl rsa -noout -modulus -in privateKey.pem | openssl md5
Enter pass phrase for privateKey.pem:
d7207cf82b771251471672dd54c59927
Both these match and that confirms that there is no issue with these client
cert & pvt key file.
--------------
Then I tried with command line with following command,
$ curl --version
curl 7.19.6 (i686-pc-cygwin) libcurl/7.19.6 OpenSSL/0.9.8n zlib/1.2.3
libidn/1.18 libssh2/1.2
$ curl --data-binary @"C:\myrequest.xml" --header "SOAPAction: " --header
"Content-Type: text/xml" --cert c:\clientCert.pem --cert-type PEM --key
c:\privkey.pem --key-type PEM --cacert c:\ca-bundle.crt
https://mydomain.myco.com:443/soap -v
It prompts for PEM passwd and then following error.
* About to connect() to mydomain.myco.com port 443 (#0)
* Trying 69.181.219.20... connected
* Connected to mydomain.myco.com (69.181.219.20) port 443 (#0)
Enter PEM pass phrase:
* unable to set private key file: 'privateKey.pem' type PEM
* Closing connection #0
*curl: (58) unable to set private key file: 'privateKey.pem' type PEM*
And then I tried appending both private key along with cert in a single file
and tried following.
$ curl --cert testCert.pem --Verbose -H "Content-Type: text/xml"
https://mydomain.myco.com:443/soap
* About to connect() to mydomain.myco.com port 443 (#0)
* Trying 69.181.219.20... connected
* Connected to mydomain.myco.com (69.181.219.20) port 443 (#0)
Enter PEM pass phrase:
* unable to set private key file: 'testCert.pem' type PEM
* Closing connection #0
*curl: (58) unable to set private key file: 'testCert.pem' type PEM*
I don't have a clue what might be the issue. Is this libCurl bug or my setup
? Is there any know bug related this ?
I've been trying this past one week, Please help me out. Any pointers would
be greatly appreciated.
Thanks,
Pavan
I'm using libcurl - 7.15.1 & OpenSSL - 0.9.7 on Win32 machine trying for
client two way authentication.
I'm using the below snipped for setting the certificate and key for client
authentication.
curl_easy_setopt(curl,CURLOPT_SSLCERT,"clientCert.pem");
curl_easy_setopt(curl,CURLOPT_SSLCERTPASSWD,"changeit");
curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM");
curl_easy_setopt(curl,CURLOPT_SSLKEY,"privateKey.pem");
curl_easy_setopt(curl,CURLOPT_SSLKEYPASSWD,"changeit");
curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,"PEM");
certificate doesn't have password, still I'm giving same private key passwd
to that.
I keep getting following error persistantly ...
*err unable to set private key file: 'C:\privateKey.pem' type PEM*
-------------
I've generated these client Certificate & private key file using following
commands.
openssl.exe pkcs12 -in client.p12 -nocerts -out privateKey.pem
with PEM passwd.
openssl.exe pkcs12 -in client.p12 -nokeys -out clientCert.pem
That client.p12 works well with the browser.
-------
And verified both these cert & pvt key files with following commands.
openssl x509 -noout -modulus -in clientCert.pem | openssl md5
d7207cf82b771251471672dd54c59927
openssl rsa -noout -modulus -in privateKey.pem | openssl md5
Enter pass phrase for privateKey.pem:
d7207cf82b771251471672dd54c59927
Both these match and that confirms that there is no issue with these client
cert & pvt key file.
--------------
Then I tried with command line with following command,
$ curl --version
curl 7.19.6 (i686-pc-cygwin) libcurl/7.19.6 OpenSSL/0.9.8n zlib/1.2.3
libidn/1.18 libssh2/1.2
$ curl --data-binary @"C:\myrequest.xml" --header "SOAPAction: " --header
"Content-Type: text/xml" --cert c:\clientCert.pem --cert-type PEM --key
c:\privkey.pem --key-type PEM --cacert c:\ca-bundle.crt
https://mydomain.myco.com:443/soap -v
It prompts for PEM passwd and then following error.
* About to connect() to mydomain.myco.com port 443 (#0)
* Trying 69.181.219.20... connected
* Connected to mydomain.myco.com (69.181.219.20) port 443 (#0)
Enter PEM pass phrase:
* unable to set private key file: 'privateKey.pem' type PEM
* Closing connection #0
*curl: (58) unable to set private key file: 'privateKey.pem' type PEM*
And then I tried appending both private key along with cert in a single file
and tried following.
$ curl --cert testCert.pem --Verbose -H "Content-Type: text/xml"
https://mydomain.myco.com:443/soap
* About to connect() to mydomain.myco.com port 443 (#0)
* Trying 69.181.219.20... connected
* Connected to mydomain.myco.com (69.181.219.20) port 443 (#0)
Enter PEM pass phrase:
* unable to set private key file: 'testCert.pem' type PEM
* Closing connection #0
*curl: (58) unable to set private key file: 'testCert.pem' type PEM*
I don't have a clue what might be the issue. Is this libCurl bug or my setup
? Is there any know bug related this ?
I've been trying this past one week, Please help me out. Any pointers would
be greatly appreciated.
Thanks,
Pavan