How can I use curl with a SSL URL to get a 200 OK?

0

I'm trying to use curl to get the HTTP status of a GET request:

curl --insecure --silent --show-error --connect-timeout 1 -I https://host:8443/health

Note: I'm using the --insecure flag in this command.

I get the following output:

HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Accept-Ranges: bytes
Last-Modified: Wed, 16 May 2012 03:05:24 GMT
Content-Type: text/html
Content-Length: 1234
Date: Wed, 16 May 2012 08:57:30 GMT

When I navigate to this URL in a browser, it works fine and I get a 200 OK.

How can get a 200 OK from the curl command? Can I export the PEM cert from the browser and use it some way?

redspike

Posted 2012-05-16T09:21:35.813

Reputation: 105

Answers

0

You can export the cert from your browser and use it with cURL. From the man page :

-E, --cert [certificate][:password]

(SSL) Tells curl to use the specified client certificate file when getting a file with HTTPS, FTPS or another SSL-based protocol. The certificate must be in PEM format. If the optional password isn't specified, it will be queried for on the terminal. Note that this option assumes a "certificate" file that is the private key and the private certificate concatenated! See --cert and --key to specify them independently.

If curl is built against the NSS SSL library then this option can tell curl the nickname of the certificate to use within the NSS database defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be loaded. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname.

If this option is used several times, the last one will be used.

Sibster

Posted 2012-05-16T09:21:35.813

Reputation: 784

Could you please give an example for https://stackexchange.com – GypsyCosmonaut – 2017-08-23T13:45:55.737

0

Pre-requisites:-

How to:-

1)Extract openssl tarball

tar -zxvf openssl-1.1.1.tar.gz

cd openssl-1.1.1/

./config

make

make install

2)Now work on curl.Extract tarball and configure with openssl compatibility

cp curl-7.61.1.tar.bz2 /opt/

cd /opt

tar -jxvf curl-7.61.1.tar.bz2

cd curl-7.61.1/

env PKG_CONFIG_PATH=/usr/local/ssl ./configure --with-ssl

make

make install

3)Add new path to new “loader libraries”

echo “/opt/openssl-1.1.1/ssl” >>/etc/ld.so.conf

ldconfig

4)Make new curl as default one.

ln -s /opt/curl-7.61.1/src/curl /usr/bin/curl

5)Check the version of curl

Server:~# curl --version

curl 7.61.1 (x86_64-pc-linux-gnu) libcurl/7.61.1 OpenSSL/1.1.1 zlib/1.2.7

Release-Date: 2018-09-05

Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp

Features: AsynchDNS Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets HTTPS-proxy

Done

#

#

#

Thank you,

nitiratna.nikalje@gmail.com

Niti

Posted 2012-05-16T09:21:35.813

Reputation: 1

Asked: 2012-05-16T09:21:35.813

Viewed: 25 182 times

Active: 2018-09-24T09:59:34.797