具有自签名证书的CURL SSL [英] CURL SSL with self signed certificate
问题描述
我有一个使用自签名证书运行的烧瓶应用程序。我可以使用以下方式发送卷曲请求:
I have a flask application running using a self signed certificate. I'm able to send in a curl request using:
curl -v -k -H "Content-Type: application/json" -d '{"data":"value1","key":"value2"}' https://<server_ip>:<port>
详细日志显示一切顺利。
The verbose logs show that everything went alright.
我想避免使用-k(--insecure)选项,而是指定一个curl可以使用的.pem文件。查看curl手册页,我发现你可以使用--cert选项。
所以我使用这个创建了一个.pem文件:
I wanted to avoid using the -k (--insecure) option and instead specify a .pem file that curl could use. Looking at the curl man page I found that you could do this using the --cert option. So I created a .pem file using this:
openssl rsa -in server.key -text > private.pem
CURL在使用private.pem文件时会引发此错误:
CURL throws me this error when using the private.pem file:
curl: (58) unable to use client certificate (no key found or wrong pass phrase?)
有任何建议吗? -
Any suggestions? - or is this only possible with a properly signed certificate?
推荐答案
这只是此问题的另一个版本:使用openssl从服务器获取证书
This is just another version of this question: Using openssl to get the certificate from a server
或更直接地:
使用 curl --cert 错误,它是为客户端证书。
Using curl --cert is wrong, it is for client certificates.
首先,获取您的服务器使用的证书:
First, get the the certs your server is using:
$ openssl s_client -showcerts -connect server:443 > cacert.pem
然后使您的curl命令行用于在后续操作中验证服务器: / p>
Then make your curl command line use that set to verify the server in subsequent operations:
$ curl --cacert cacert.pem https://server/ [and the rest]
这篇关于具有自签名证书的CURL SSL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!