bash脚本中带有PKCS#12证书的cURL [英] cURL with a PKCS#12 certificate in a bash script
问题描述
我必须连接到必须有pkcs12证书的Web服务.这个想法是在bash脚本中使用curl(具体来说是在OS X下).
i have to connect to a webservice, where a pkcs12 certificate is a must. the idea was to use curl in a bash script (under OS X, to be specific).
我了解到curl在通讯中无法做的少数事情之一就是处理pkcs12证书(.p12).我有什么选择?
i have learnt that one of the few things curl cannot do in communication, is handling pkcs12 certificates (.p12). what are my options?
我已经读到将证书转换为PEM格式是可行的(使用openssl),但是我不知道如何告诉curl它获得了PEM,并且应该与请求PKCS12证书的Web服务进行通信.
i have read that converting the certificate to PEM format would work (using openssl), however i have no idea how to tell curl that it gets a PEM and should communicate with a webservice requesting PKCS12 certificates.
将pkcs12转换为pem可以像这样完成(例如),它对我有用,但是我还没有成功地将它们与curl配合使用:
converting pkcs12 to pem would be done like this (e.g.), it worked for me, however i haven't successfully used them with curl:
openssl pkcs12 -in mycert.p12 -out file.key.pem -nocerts -nodes
openssl pkcs12 -in mycert.p12 -out file.crt.pem -clcerts -nokeys
有什么提示吗?或者,还有其他替代卷曲的方法吗?该解决方案应基于命令行.
any hints? or, any alternatives to curl? the solution should be commandline based.
推荐答案
我认为您已经解决了所有问题,但我遇到了同样的问题.我回答分享我的解决方案.
I think you have allready resolved but i had a the same problem. I answer for share my solution.
如果您拥有.p12文件,则您的方法是正确的. 首先,您必须将证书和密钥与p12文件分开. 例如,如果您有mycert.p12文件,请执行
If you have a .p12 file your approach is right. First of all you have to get the cert and the key separated from the p12 file. As an example, if you have a mycert.p12 file execute
openssl pkcs12 -in mycert.p12 -out file.key.pem -nocerts -nodes
openssl pkcs12 -in mycert.p12 -out file.crt.pem -clcerts -nokeys
然后,您必须拨打您的url.例如,假设您要获取特定Web服务的wsdl
Then you have to make the call to your url. For instance assume that you want to get the wsdl of a specific webservice
curl -E ./file.crt.pem --key ./file.key.pem https://myservice.com/service?wsdl
如果文件file.crt.pem和file.key.pem位于您的工作文件夹中,则"./"为必填项.
If the files file.crt.pem and file.key.pem are in your working folder "./" is mandatory.
这篇关于bash脚本中带有PKCS#12证书的cURL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!