本文介绍了curl:(58)无法加载客户端密钥-8178的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我遇到了一个SSL问题与 curl 命令。我想使用我的SSL用户端凭证和私人密钥连到网址。



这是我的命令:

  $ curl -k -vhttps://myurl.com/--cert ./certificate.pem --key ./private.key 

*关于连接()到xx.xx.xx.xx端口23444(#0)
*尝试xx.xx.xx.xx ...连接
*连接到xx.xx.xx.xx (xx.xx.xx.xx)port 23444(#0)
*使用certpath:sql初始化NSS:/ etc / pki / nssdb
*警告:忽略ssl.verifyhost的值
*无法加载客户端密钥-8178。
* NSS错误-8178
*关闭连接#0
curl:(58)无法加载客户端密钥-8178。

密钥受密码保护, curl 不要求我输入密码,这是很奇怪的。即使我通过密码 - pass ,我仍然得到相同的错误。



不考虑参数 - key ,因为如果我替换为 foo.key 文件系统,我仍然得到相同的错误。



但是,如果使用:

  $ wget --certificate =。/ certificate.pem --private-key = private.keyhttps://myurl.com/--no-check-certificate 



我可以找到我的网址。



p>

解决方案

我经历了同样的情况,我发现解决方案终于,也许会帮助你。



失败的原因是PKCS#8私钥格式:




  • 8私人密钥

    ----- BEGIN加密私人密钥----- 标题



    ----- BEGIN PRIVATE KEY ----- 标题



    使用此键 curl + openssl 可以工作,但不能使用 curl + nss + libnsspem.so




  • ----- BEGIN RSA私人密钥----- 标题



    both curl + openssl curl + nss + libnsspem.so 将工作。




所以使用这个命令

 code> openssl rsa -in key.pem -out newkey.pem 

删除通票RSA私钥上的短语。


I am facing an SSL issue with the curlcommand. I want to reach an URL using my SSL client certificate and private key.

This is my command:

$ curl -k -v "https://myurl.com/" --cert ./certificate.pem --key ./private.key

* About to connect() to xx.xx.xx.xx port 23444 (#0)
*   Trying xx.xx.xx.xx... connected
* Connected to xx.xx.xx.xx (xx.xx.xx.xx) port 23444 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* Unable to load client key -8178.
* NSS error -8178
* Closing connection #0
curl: (58) Unable to load client key -8178.

The key is password protected, curl is not asking me to enter the password, which is very strange. Even if I pass the password with --pass, I still get the same error.

It seems that the argument --key is not considered, because If I replaced with foo.key, which doesn't exist on my filesystem, I still get the same error.

However, If use:

$ wget --certificate=./certificate.pem --private-key=private.key "https://myurl.com/" --no-check-certificate

I am able to reach my URL.

Do you have any idea?

解决方案

I have gone through the same situation, and I found solution finally, maybe it will help you.

The failure was due to the PKCS#8 private key format:

  • With a PKCS#8 private key
    -----BEGIN ENCRYPTED PRIVATE KEY----- header
    or
    -----BEGIN PRIVATE KEY----- header

    With this Key curl + openssl will works, but not curl + nss + libnsspem.so

  • With a RSA private key
    -----BEGIN RSA PRIVATE KEY----- header

    both curl + openssl and curl + nss + libnsspem.so will work.

So use this command

openssl rsa -in key.pem -out newkey.pem

to remove the pass phrase on an RSA private key.

这篇关于curl:(58)无法加载客户端密钥-8178的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-26 18:01