Curl Error 58 Unable To Use Client Certificate
Contents |
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack curl (58) unable to load client cert 8018 Overflow the company Business Learn more about hiring developers or posting ads with us curl unable to load client key Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a curl unable to load client cert -8018 community of 4.7 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up Getting (58) unable to use client certificate (no key found or wrong pass phrase?) from curl
Unable To Set Private Key File: '' Type Pem
up vote 3 down vote favorite I'm attempting to make test calls to a third-party API that requires a client cert. I generated a new cert using this command with openssl: req -new -newkey rsa:2048 -nodes -out mycsr.csr -keyout mykey.key I then sent them the csr, and they sent me back mycert.crt. I concatenated the cert and the key together: cat mycert.crt mykey.key > mycertandkey.pem Finally, I added mycert.crt to the curl client certificate authentication ca-certificates folder and ca-certificates.conf and ran "update-ca-certificates --fresh". Now, I'm trying to make curl call from bash using the following command: curl -X GET --cert mycertandkey.pem -H 'Accept-Encoding: gzip,deflate' -H 'Content-Type: application/json' https://api.URL.com I've also tried: curl -X GET --cert mycertandkey.pem --cacert mycert.crt -H 'Accept-Encoding: gzip,deflate' -H 'Content-Type: application/json' https://api.URL.com and: curl -X GET --cert mycertandkey.pem --cacert mycert.crt --key mykey.key -H 'Accept-Encoding: gzip,deflate' -H 'Content-Type: application/json' https://api.URL.com And every other combination I can think of. I always get the error "curl: (58) unable to use client certificate (no key found or wrong pass phrase?)". The key doesn't have a passphrase. All of the cert/key files have 777 permissions. I haven't worked much with certs in the past and I feel like I've missed something, especially since I seem to have only one cert. Is the cert that the other company sent me a cacert or is it my client cert? Did I concatenate the private key to the wrong cert? I've found a lot of piecemeal information about this online, but if anyone knows of a good tutorial on this subject, I'd really appreciate that as well. ssl curl ssl-certificate share|improve this question edited Jan 28 at 20:36 Brian 3,72052341 asked Apr 22 '15 at 13:43 Chris.B 14118 add a com
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this curl p12 site About Us Learn more about Stack Overflow the company Business Learn more
Curlopt_sslcert
about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss
Sec_error_unknown_pkcs11_error
Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up PHP CURL error: http://stackoverflow.com/questions/29799478/getting-58-unable-to-use-client-certificate-no-key-found-or-wrong-pass-phrase unable to use client certificate (no key found or wrong pass phrase?) up vote 1 down vote favorite I am doing this: $ch = curl_init(); curl_setopt($ch, CURLOPT_VERBOSE, '1'); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, '2'); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, '1'); curl_setopt($ch, CURLOPT_CAINFO, getcwd().'/public.pem'); curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'/private.key'); curl_setopt($ch, CURLOPT_SSLCERTPASSWD, '1234'); curl_setopt($ch, CURLOPT_SSLKEYPASSWD, '1234'); curl_setopt($ch, CURLOPT_URL, "http://api-xxxxxx.duosecurity.com/auth/v2/preauth"); $dataa = curl_exec($ch); I am getting this error: unable to use client certificate (no key http://stackoverflow.com/questions/33498093/php-curl-error-unable-to-use-client-certificate-no-key-found-or-wrong-pass-phr found or wrong pass phrase?) What am I missing? If the code is ok then could you please guide me on how to generate a pair of certificates for this purpose using either openssl OR ssh-keygen? php ssl curl openssl ssh-keygen share|improve this question edited Nov 4 '15 at 11:25 asked Nov 3 '15 at 11:34 Bengali 8911 curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'/public.pem'); curl_setopt($ch, CURLOPT_SSLKEY, getcwd().'/private.key'); –ojovirtual Nov 3 '15 at 11:38 @ojovirtual I tried that before and it gives me this error: error setting certificate verify locations: CAfile: /var/www/duo/api/src/duo.pem CApath: /etc/ssl/certs –Bengali Nov 3 '15 at 11:42 curl_setopt($link, CURLOPT_SSL_VERIFYPEER, FALSE); –ojovirtual Nov 3 '15 at 11:46 @ojovirtual that isn't allowed by the API I am trying to access with this CURL. –Bengali Nov 3 '15 at 11:48 A SSL certificate is composed by two parts: a certificate and a private key. My code above is correct (asuming your certificate is the .pem file). The error you get (error setting certificate verify locations) is because the web server is unable to read this file. Try to change permissions on the file /var/www/duo/api/src/duo.pem to enab
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack http://stackoverflow.com/questions/35731627/unable-to-use-client-certificateno-key-found-or-wrong-pass-phrase Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 4.7 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up unable to use client certificate(no key found or wrong pass phrase?) up vote 0 down vote unable to favorite I am trying to make a SOAP call to a server using CURL as belows. The Requirement is We need to pass the ssl certificate and pass the Username and Password $ssl = "ssl_file_relative_address.pem"; $pub_ssl_password = 'mynameiskhan'; //Get the data $data = the_data_xml.xml; //Get the WSDL Address $wsdl = "address/to/wsdl?parameter=value"; $soapUser = "Username"; // username $soapPassword = "password"; // password $options = [ CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_FOLLOWLOCATION => TRUE, CURLOPT_SSL_VERIFYHOST unable to load => FALSE, CURLOPT_SSL_VERIFYPEER => FALSE, CURLOPT_URL => $wsdl, CURLOPT_SSLCERT => $ssl, //CURLOPT_SSLCERTPASSWD => $pub_ssl_password, CURLOPT_USERPWD => $soapUser.":".$soapPassword, CURLOPT_HTTPAUTH => CURLAUTH_BASIC ]; $ch = curl_init(); curl_setopt_array($ch , $options); $response = curl_exec($ch); //curl_close($ch); if (curl_errno($ch)) { print curl_error($ch); } I'm getting the following Error from CURL : unable to use client certificate (no key found or wrong pass phrase?) What is it that I'm doing Wrong... php ssl curl soap ssl-certificate share|improve this question asked Mar 1 at 19:22 Nikhilesh Manurkar 103 add a comment| 2 Answers 2 active oldest votes up vote 0 down vote When you specify a client authentication certificate using CURLOPT_SSLCERT, the PEM file should contain a -----BEGIN CERTIFICATE----- line followed by the certificate. You also need to supply cURL with the corresponding private key to the certificate using CURLOPT_SSLKEY which is a file beginning with -----BEGIN PRIVATE KEY-----. If the private key is in ssl_file_relative_address.pem, then try copying the private key to a separate file. If the private key is encrypted, you can specify the password using CURLOPT_SSLKEYPASSWD. share|improve this answer answered Mar 1 at 20:12 drew010 47.1k475111 The ssl certicate has a password only if its used in .pfx format. I've tried using your suggesstions, but still the same error. –Nikhilesh Manurkar Mar 1 a