Client Certificates with LibCUrl

https://stackoverflow.com/questions/7810432

26-10-2019
|

Question

I am using libCurl to download a file from a remote server. That remote server requires client certificates. Here are the options that i have tried:

curl_easy_setopt(pCurl, CURLOPT_URL, url);
curl_easy_setopt(pCurl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_easy_setopt(pCurl, CURLOPT_SSL_VERIFYHOST, 2);
curl_easy_setopt(pCurl, CURLOPT_VERBOSE, 1);
curl_easy_setopt(pCurl, CURLOPT_CERTINFO, 1L);
curl_easy_setopt(pCurl, CURLOPT_SSL_VERIFYPEER, 1);
//the following two lines specify the path to my valid client certificate
curl_easy_setopt(pCurl, CURLOPT_CAINFO, "c:\\Delta.p12");
curl_easy_setopt(pCurl, CURLOPT_CAPATH, "c:\\Delta.p12");

When I make the Https request, I get a 403: Forbidden error that says I have not specified the needed credentials. This certificate works via a browser, so I know that the cert is valid.

Any help to get this work is appreciated. Thanks!

Solution

If you get a 403, you already got passed the SSL layer so it would indicate that the certificate was good enough but that the server is there talking about something else.

But note that the CURLOPT_CA* options are used to specify your CA cert bundle (or path), so the above lines don't set any client certificate at all!

For a small example that shows how to use a client certificate with libcurl, see this:

http://curl.haxx.se/libcurl/c/simplessl.html

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow