Home > bash > cURL to access Https server

cURL to access Https server

Problem:
You need to access a https server using curl.

Solution:
Use –cert and –key options in curl. As per the man.


-E, –cert
(SSL) Tells curl to use the specified client certificate file when getting a file
with HTTPS, FTPS or another SSL-based protocol. The certificate must be in
PKCS#12 format if using Secure Transport, or PEM format if using any other
engine. If the optional password isn’t specified, it will be queried for on the
terminal. Note that this option assumes a “certificate” file that is the private
key and the private certificate concatenated! See –cert and –key to specify
them independently.
…skipping…
–key
(SSL/SSH) Private key file name. Allows you to provide your private key in this
separate file.

If this option is used several times, the last one will be used.
-k, –insecure
(SSL) This option explicitly allows curl to perform “insecure” SSL connections
and transfers. All SSL connections are attempted to be made secure by using the
CA certificate bundle installed by default. This makes all connections considered
“insecure” fail unless -k, –insecure is used.

See this online resource for further details:
http://curl.haxx.se/docs/sslcerts.html

Examples:

# This attempt fails.
$ curl https://server.example.com
<html>
<head><title>400 No required SSL certificate was sent</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>No required SSL certificate was sent</center>
<hr><center>nginx/1.4.6 (Ubuntu)</center>
</body>
</html>
# This attempt to bypass fails.
$ curl --insecure https://server.example.com
<html>
<head><title>400 No required SSL certificate was sent</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>No required SSL certificate was sent</center>
<hr><center>nginx/1.4.6 (Ubuntu)</center>
</body>
</html>
# This works.
$ curl --cert /path/to/certifcate/client.crt --key /path/to/key/client.key https://server.example.com
<html>
  <head>
    <title>Server Example</title>
  </head>


<frameset rows="60,*" frameborder="1" border="1">
  <frame src="/browser/header/" name="Header" id='header' scrolling="no" noresize="true" />

    <frame src="/composer/?" name="content" id="composerFrame"/>

  </frameset>
</html>
Advertisements
Categories: bash Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: