Why doesn't curl work with ssl on centOS + nss?

W

WotanWeb2020-03-05 12:44:47

linux

WotanWeb, 2020-03-05 12:44:47

Good afternoon! The question will sound a little chaotic, but I hope you can understand =)

There is a curl connection with the following parameters:

CURLOPT_SSLCERT => '/cert.pem',
CURLOPT_SSLKEY => '/key.pem',
CURLOPT_SSLKEYPASSWD => "1111",

Works great on regular hosting. On VPS with centOS and nss gives:
Error curl: unable to load client key: -8178 (SEC_ERROR_BAD_KEY)

Found similar problems on SO, everywhere they advise this:
openssl rsa -in key.pem -out newkey.pem

After that another error:
Error curl: NSS: private key from file not found

How to make it work?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

C

CityCat4, 2020-03-05
@WotanWeb

The key does not match the certificate.
The command you found on SO is extremely stupid, probably taken out of context. She doesn't do anything. That's just nothing, creates a copy of the file and that's it. And possibly spoil it.
How to force? Well, submit a normal certificate where the key matches the certificate ;)

F

Foxcloud Foxcloud, 2020-03-10
@FoxCloud

Hello!
Try using the -k switch while curl is running.
curl -k should help with connecting to self-signed certificates.
Also use the -vvvvv switch when diagnosing. Will give you a detailed error response.