[Cialug] Open SSL and cert help
Scott Yates
Scott at yatesframe.com
Wed Dec 26 22:35:58 UTC 2018
Thank you for sharing the eventual solution
On Wed, Dec 26, 2018 at 4:32 PM Dave Weis <djweis at sjdjweis.com> wrote:
> I think I'd have the same problem either way. In any case, I was able to
> figure it out:
>
> openssl pkcs12 -in foo.pfx -nocerts -out key.pem
>
> openssl pkcs12 -in foo.pfx -clcerts -nokeys -out public.pem
>
> openssl rsa -in key.pem -out privatekey.pem
>
> The last command removes the key from the cert so it can be used on the
> command line without lots of retyping.
>
> dave
>
>
>
>
>
>
> On Wed, Dec 26, 2018 at 4:04 PM Scott Yates <Scott at yatesframe.com> wrote:
>
> > Ahh, sorry, i have not done that yet. I wonder if curl would do that
> > better perhaps?
> >
> > On Wed, Dec 26, 2018 at 3:51 PM Dave Weis <djweis at sjdjweis.com> wrote:
> >
> > > I need to present a private certificate to them that they generated and
> > > accept their CA certificate. Neither of those are correctly occurring
> > with
> > > the wget command.
> > >
> > >
> > >
> > >
> > > On Wed, Dec 26, 2018 at 3:18 PM Scott Yates <Scott at yatesframe.com>
> > wrote:
> > >
> > > > I thought all you needed was the --no-check-certificate and could
> skip
> > > the
> > > > other options (except -v of course if you want it)
> > > >
> > > >
> > > > On Wed, Dec 26, 2018 at 1:38 PM Dave Weis <djweis at sjdjweis.com>
> wrote:
> > > >
> > > > > Hello!
> > > > >
> > > > > I need to access a site with wget to download files. I have the CA
> > and
> > > > > private cert added to Chrome and it works fine. I don't remember
> how
> > I
> > > > did
> > > > > this in the past but have the pfx file that I exported.
> > > > >
> > > > > [djweis at grand RLD]$ wget -v --no-check-certificate
> > > > > --certificate=cacert.crt
> > > > > --private-key=privatekey.pem --private-key-type=pem
> > > > > https://rld.foo.com/rld/wtrliadt.txt
> > > > > --2018-12-26 13:35:58-- https://rld.foo.com/rld/wtrliadt.txt
> > > > > OpenSSL: error:0B080074:x509 certificate
> > > > > routines:X509_check_private_key:key values mismatch
> > > > > Disabling SSL due to encountered errors.
> > > > >
> > > > > It's been a long time since I used the openssl command line. Any
> > > > > suggestions?
> > > > >
> > > > > thanks
> > > > > dave
> > > > > _______________________________________________
> > > > > Cialug mailing list
> > > > > Cialug at cialug.org
> > > > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > > > >
> > > > _______________________________________________
> > > > Cialug mailing list
> > > > Cialug at cialug.org
> > > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > > >
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> > >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>
More information about the Cialug
mailing list