Re: [Pki-users] curl / certrequests

Wednesday, 24 June 2020

(cc'ing pki-users for more wider audience)

Try to extract the admin cert and key from PKCS12 to a PEM file:
````
$ openssl pkcs12 -in ~/.dogtag/pki-tomcat/ca_admin_cert.p12 -out
file.crt.pem -clcerts -nokeys
$ openssl pkcs12 -in ~/.dogtag/pki-tomcat/ca_admin_cert.p12 -out
file.key.pem -nocerts -nodes
````

Then, pass both the cert and key as params to curl:
$ curl -v -k -E file.crt.pem --key file.key.pem https://
<host>:8443/ca/rest/agent/certrequests

Note that I am passing in `-k` since I am using a self-signed CA cert.

Ref:
https://stackoverflow.com/questions/32253909/curl-with-a-pkcs12-certifica...

HTH.

Regards,
--Dinesh

On Wed, Jun 17, 2020 at 7:02 AM Pascal Jakobi <pascal.jakobi(a)gmail.com&gt;
wrote:

...
 [root@auth pki-tomcat]# curl -v  -E "/tmp/ca_admin.cert" -H
"Accept: application/json" https://zbook.home:8443/ca/rest/agent/certrequests
 *   Trying 192.168.1.20:8443...
 * TCP_NODELAY set
 * Connected to zbook.home (192.168.1.20) port 8443 (#0)
 * ALPN, offering h2
 * ALPN, offering http/1.1
 * unable to set private key file: '/tmp/ca_admin.cert' type PEM
 * Closing connection 0
 curl: (58) unable to set private key file: '/tmp/ca_admin.cert' type PEM
 [root@auth pki-tomcat]#

 For the time being, I do not understand what's to be done...

 Rgds

 P
 Le 16/06/2020 à 01:09, Dinesh Prasanth Moluguwan Krishnamoorthy a écrit :

 Hi Pascal,

 What version of PKI are you using?

 Can you try replacing your URL with https protocol and corresponding port
 number? https://zbook.home:8443/ca/rest/agent/certrequests
 By default, secure port is 8443

 Regards,
 --Dinesh

 On Mon, Jun 15, 2020 at 6:55 PM Pascal Jakobi <pascal.jakobi(a)gmail.com&gt;
 wrote:

> I am trying to retrieve the cert reqs that are in my CA at the moment.
>
> The (wrong) curl command I use is below, with its result :
>
> curl -v  -E "/tmp/ca_admin.cert" -H "Accept: application/json"
> http://zbook.home:8080/ca/rest/agent/certrequests
> *   Trying 192.168.1.20...
> * TCP_NODELAY set
> * Connected to zbook.home (192.168.1.20) port 8080 (#0)
> > GET /ca/rest/agent/certrequests HTTP/1.1
> > Host: zbook.home:8080
> > User-Agent: curl/7.61.1
> > Accept: application/json
> >
> < HTTP/1.1 302
> < Cache-Control: private
> < Expires: Thu, 01 Jan 1970 00:00:00 GMT
> < Location: https://zbook.home:8443/ca/rest/agent/certrequests
> < Content-Length: 0
> < Date: Mon, 15 Jun 2020 22:50:24 GMT
> <
> * Connection #0 to host zbook.home left intact
>
> Can someone tell me what's the correct curl command or why don't I
> receive anything as a result ?
>
>
> Thank you in advance.
> --
> *Pascal Jakobi*
> _______________________________________________
> Pki-users mailing list
> Pki-users(a)redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users

 --
 *Pascal Jakobi* 116 rue de Stalingrad 93100 Montreuil, France
 pascal.jakobi(a)gmail.com - +33 6 87 47 58 19

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008