I have a .cer (Digital Certificate) file, .pfx (Personal Information Exchange file i.e., the private key for the certificate). I cannot use either of these to authenticate to the web service as curl would not accept these formats.
- Convert it into PEM format (X.509 certificate) using openssl.
openssl pkcs12 -in abcd.pfx -out abcd.pem
Enter a passphrase and a password.
- Still you cannot use this with curl because you’d get a few errors.
- Convert this PEM certificate into three different certificates for the client, the private key and the certification authority certificate.
openssl pkcs12 -in abcd.pfx -out ca.pem -cacerts -nokeys openssl pkcs12 -in abcd.pfx -out client.pem -clcerts -nokeys openssl pkcs12 -in abcd.pfx -out key.pem -nocerts
- Use the following command:
curl -k https://www.thesitetoauthenticate.com/test -v --key key.pem --cacert ca.pem --cert client.pem