headers
David Felton | 1 May 2004 02:54
Favicon

client certificates and certificate bundle

Can anyone tell me if when you are using client certificates, if these are
checked for validity against the certificate bundle you are using? Or if the
certificate bundle is purely used to verify the certificate of the site you
are connecting to?

Thanks.

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
**********************************************************************
Permalink | Reply | 1 comment |
headers
Daniel Stenberg | 1 May 2004 20:52
Picon
Favicon

Re: client certificates and certificate bundle

On Sat, 1 May 2004, David Felton wrote:

> Can anyone tell me if when you are using client certificates, if these are
> checked for validity against the certificate bundle you are using?

They are not and they can't be. Only the server that issued the client cert
can verify it.

> Or if the certificate bundle is purely used to verify the certificate of the
> site you are connecting to?

That's what the bundle is there for.

--

-- 
     Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
      Dedicated custom curl help for hire: http://haxx.se/curl.html
Permalink | Reply | 0 comments |
headers
Diana Castillo | 3 May 2004 19:01

https

what do i have to change to send a message using curl to an https connection?
this is the code I normally use:
function getResponse($request, $type){
  $curl_interface = curl_init();
  curl_setopt($curl_interface, CURLOPT_URL,$this->url);
  curl_setopt($curl_interface, CURLOPT_POST, 1);
  curl_setopt($curl_interface, CURLOPT_POSTFIELDS,$request);
  curl_setopt ($curl_interface, CURLOPT_RETURNTRANSFER, 1);
  $xml_response=curl_exec ($curl_interface);
  curl_close ($curl_interface);              
  return $xml_response;
}
 
do I have to add something besides just setting the url to an https url?
 
Diana Castillo
Global Reservas, S.L.
C/Granvia 22 dcdo 4-dcha
28013 Madrid-Spain
Tel : 00-34-913604039
Fax : 00-34-915228673
email: diana <at> hotelkey.com
Web : http://www.hotelkey.com
      http://www.destinia.com
Permalink | Reply | 1 comment |
headers
Diana Castillo | 3 May 2004 19:19

secure

How can I tell whether I have the secure version of curl installed or not?
thanks
 
Diana Castillo
Global Reservas, S.L.
C/Granvia 22 dcdo 4-dcha
28013 Madrid-Spain
Tel : 00-34-913604039
Fax : 00-34-915228673
email: diana <at> hotelkey.com
Web : http://www.hotelkey.com
      http://www.destinia.com
Permalink | Reply | 1 comment |
headers
Steve Yeazel | 3 May 2004 19:22

Re: secure

At 12:19 PM 5/3/2004, you wrote:
>How can I tell whether I have the secure version of curl installed or not?
>thanks
>
>Diana Castillo
>Global Reservas, S.L.
>C/Granvia 22 dcdo 4-dcha
>28013 Madrid-Spain
>Tel : 00-34-913604039
>Fax : 00-34-915228673
>email: <mailto:diana <at> hotelkey.com>diana <at> hotelkey.com
>Web : <http://www.hotelkey.com>http://www.hotelkey.com
>       http://www.destinia.com

look at your php_info() and see if curl was compiled with openssl
Permalink | Reply | 0 comments |
headers
Daniel Stenberg | 4 May 2004 09:50
Picon
Favicon

Re: https

On Mon, 3 May 2004, Diana Castillo wrote:

> what do i have to change to send a message using curl to an https connection?
> this is the code I normally use:

> do I have to add something besides just setting the url to an https url?

Perhaps: http://curl.haxx.se/docs/sslcerts.html

--

-- 
     Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
      Dedicated custom curl help for hire: http://haxx.se/curl.html
Permalink | Reply | 0 comments |
headers
David Felton | 4 May 2004 14:22
Favicon

'The page requires a valid client certificate'


I have a client certificate that I need to use to connect to a server via
https. If I install the certificate on my (windows 2000) server I can visit
the server I want to connect to through IE and I get prompted to select the
client certificate, after I have done that internet explorer can connect to
the secure server ok.

When I try to connect using cURL, however (through PHP or command line) I
always get a 403.16 error with the message 'The page requires a valid client
certificate'. I've converted my certificate with OpenSSL to PEM format - I'm
sure I've done this part correctly, I then use the certificate when
connecting along the lines of:

curl -d data --verbose --insecure --cert cert.pem --key cert_key.pem --pass
<password> https://<servertoconnectto>.com

But I always get the error.

Does anyone have any idea what might be going wrong?

Thanks for any help anyone can give me.

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
**********************************************************************
Permalink | Reply | 0 comments |
headers
Diana Castillo | 4 May 2004 16:57

Fw: curl


Hi, I need to know why when I send petition with CURL like this, the machine I am sending to approves my authorization, but gets an empty request.  What can I do to debug this?
function getResponse($request, $type){
  $curl_interface = curl_init();
  curl_setopt($curl_interface, CURLOPT_HTTPHEADER,array("Authorization: Basic " . base64_encode(AZOR_USR . ":" . AZOR_PASSWORD)));
  curl_setopt($curl_interface, CURLOPT_URL,AZOR_URL);
  curl_setopt($curl_interface, CURLOPT_POST, 1);
  curl_setopt($curl_interface, CURLOPT_POSTFIELDS,$request);
  curl_setopt ($curl_interface, CURLOPT_RETURNTRANSFER, 1);
  $xml_response=curl_exec ($curl_interface);
  curl_close ($curl_interface);              
  return $xml_response;
 }
 
Diana Castillo
Global Reservas, S.L.
C/Granvia 22 dcdo 4-dcha
28013 Madrid-Spain
Tel : 00-34-913604039
Fax : 00-34-915228673
email: diana <at> hotelkey.com
Web : http://www.hotelkey.com
      http://www.destinia.com
Permalink | Reply | 1 comment |
headers
Daniel Stenberg | 4 May 2004 17:09
Picon
Favicon

Re: Fw: curl

On Tue, 4 May 2004, Diana Castillo wrote:

> Hi, I need to know why when I send petition with CURL like this, the machine
> I am sending to approves my authorization, but gets an empty request.  What
> can I do to debug this?

My advice: use the command line version to fine-tune everything, then convert
it to PHP code.

> curl_setopt($curl_interface, CURLOPT_HTTPHEADER,array("Authorization: Basic
"
> . base64_encode(AZOR_USR . ":" . AZOR_PASSWORD)));

curl offers support for HTTP authentication already, in case you don't want to
do that stuff yourself... Not that Basic is very hard to do on your own of
course.

>   $xml_response=curl_exec ($curl_interface);

There's a curl_errno() or something that you can use to see if the curl
operation did good or not.

--

-- 
     Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
      Dedicated custom curl help for hire: http://haxx.se/curl.html
Permalink | Reply | 0 comments |
headers
Diana Castillo | 5 May 2004 12:40

why they got an empty request.

the answer to my problem of why they got an empty request is I had to add 
"xml=" before the request.
Permalink | Reply | 0 comments |

Gmane