使用LibCUrl的客户证书 [英] Client Certificates with LibCUrl

问题描述

我正在使用libCurl从远程服务器下载文件.该远程服务器需要客户端证书.这是我尝试过的选项:

I am using libCurl to download a file from a remote server. That remote server requires client certificates. Here are the options that i have tried:

curl_easy_setopt(pCurl, CURLOPT_URL, url);
curl_easy_setopt(pCurl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_easy_setopt(pCurl, CURLOPT_SSL_VERIFYHOST, 2);
curl_easy_setopt(pCurl, CURLOPT_VERBOSE, 1);
curl_easy_setopt(pCurl, CURLOPT_CERTINFO, 1L);
curl_easy_setopt(pCurl, CURLOPT_SSL_VERIFYPEER, 1);
//the following two lines specify the path to my valid client certificate
curl_easy_setopt(pCurl, CURLOPT_CAINFO, "c:\\Delta.p12");
curl_easy_setopt(pCurl, CURLOPT_CAPATH, "c:\\Delta.p12");

当我发出Https请求时，出现403:禁止的错误，提示我未指定所需的凭据.该证书通过浏览器工作，因此我知道该证书有效.

When I make the Https request, I get a 403: Forbidden error that says I have not specified the needed credentials. This certificate works via a browser, so I know that the cert is valid.

感谢您对获得此工作的任何帮助.谢谢！

Any help to get this work is appreciated. Thanks!

推荐答案

如果您收到403，则说明您已经通过了SSL层，因此它表明证书足够好，但是服务器在谈论其他内容

If you get a 403, you already got passed the SSL layer so it would indicate that the certificate was good enough but that the server is there talking about something else.

但是请注意，CURLOPT_CA *选项用于指定您的CA证书捆绑包(或路径)，因此上述各行根本没有设置任何客户端证书！

But note that the CURLOPT_CA* options are used to specify your CA cert bundle (or path), so the above lines don't set any client certificate at all!

有关显示如何将客户端证书与libcurl一起使用的小示例，请参见:

For a small example that shows how to use a client certificate with libcurl, see this:

http://curl.haxx.se/libcurl/c/simplessl.html

这篇关于使用LibCUrl的客户证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！