cURL with a PKCS#12 certificate in a bash script

可紊 提交于 2019-11-28 17:08:03

问题


i have to connect to a webservice, where a pkcs12 certificate is a must. the idea was to use curl in a bash script (under OS X, to be specific).

i have learnt that one of the few things curl cannot do in communication, is handling pkcs12 certificates (.p12). what are my options?

i have read that converting the certificate to PEM format would work (using openssl), however i have no idea how to tell curl that it gets a PEM and should communicate with a webservice requesting PKCS12 certificates.

converting pkcs12 to pem would be done like this (e.g.), it worked for me, however i haven't successfully used them with curl:

openssl pkcs12 -in mycert.p12 -out file.key.pem -nocerts -nodes
openssl pkcs12 -in mycert.p12 -out file.crt.pem -clcerts -nokeys

any hints? or, any alternatives to curl? the solution should be commandline based.


回答1:


I think you have allready resolved but i had a the same problem. I answer for share my solution.

If you have a .p12 file your approach is right. First of all you have to get the cert and the key separated from the p12 file. As an example, if you have a mycert.p12 file execute

openssl pkcs12 -in mycert.p12 -out file.key.pem -nocerts -nodes
openssl pkcs12 -in mycert.p12 -out file.crt.pem -clcerts -nokeys

Then you have to make the call to your url. For instance assume that you want to get the wsdl of a specific webservice

curl -E ./file.crt.pem --key ./file.key.pem https://myservice.com/service?wsdl

If the files file.crt.pem and file.key.pem are in your working folder "./" is mandatory.




回答2:


Check if you have newer curl. Newer versions can handle PKCS12 outright.

curl --cert-type P12 --cert cert.p12:password https://yoursite.com


来源:https://stackoverflow.com/questions/32253909/curl-with-a-pkcs12-certificate-in-a-bash-script

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!