如何使用带密码的 PEM 证书?
我在尝试使用带有 ruby 密码的证书时遇到了很多麻烦。我正在使用rest-client,但这不是必需的。
这是我需要进行的调用的 cURL 等效项:
curl -E certificate.pem:PASSWORD -d ident=language -d data="test" "https://theurl"
我尝试了很多方法,但无法使密码部分正常工作。到目前为止,这是我所拥有的:
cert = OpenSSL::X509::Certificate.new(File.read("#{RAILS_ROOT}/certificate.pem"))
reply = RestClient.post("https://theurl", {:ident => 'language', :data => 'test'}, {:ssl_client_cert => cert})
我尝试将密码放在任何地方,例如 :password 和 :ssl_client_key,我已经浏览了我能找到的所有文档,但没有任何地方可以接受此密码。
这是我经常遇到的错误:
SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert handshake failure
我错过了什么?
I'm having plenty of trouble trying to use a certificate that has a password on ruby. I'm using rest-client, but that's not a requirement.
This is the cURL-equivalent of the call I need to make:
curl -E certificate.pem:PASSWORD -d ident=language -d data="test" "https://theurl"
I tried many things, but I can't get the password part working. Here's what I have so far:
cert = OpenSSL::X509::Certificate.new(File.read("#{RAILS_ROOT}/certificate.pem"))
reply = RestClient.post("https://theurl", {:ident => 'language', :data => 'test'}, {:ssl_client_cert => cert})
I've tried putting the password everywhere, as :password and :ssl_client_key, I've looked through all documentation I could find but there's nowhere that will accept this password.
This is the error I always get:
SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert handshake failure
What am I missing?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
使用带有选项 -E 的curl 的方式,您正在指定带有证书的私钥。
(来自 cURL 手册页)
因此,为了对 RestClient 执行相同的操作,您可以尝试使用 ssl_client_key 选项。喜欢:
The way you uses curl with option -E, you are specifying a private key with a certificate.
(from the cURL man page)
So in order to do the samething with RestClient, you can try using the ssl_client_key option. Like: