On Wed, Sep 3, 2014 at 11:58 AM, Vilmos Nebehaj <v.nebehaj_at_gmail.com> wrote:
> On Wed, Sep 3, 2014 at 8:13 AM, Daniel Stenberg <daniel_at_haxx.se> wrote:
>> On Tue, 2 Sep 2014, Toby Peterson wrote:
>>
>>> Quick followup. 4c134bc seems to function as intended - thanks! However,
>>> the second change (0426670) breaks the build on iOS, because
>>> SecCertificateCopyPublicKey is not available. I'm not aware of a good
>>> replacement, unfortunately. #ifdef'ing that check out works, of course.
>>
>>
>> Is the problem then perhaps a similar one with client certificates that it
>> just doesn't grok PEM formatted ones?
>>
>> Client certificate use failure is reported in:
>>
>> https://sourceforge.net/p/curl/bugs/1417/
>
> I suspect this is due to the fact that the certificate API only
> accepts DER certificates. Converting the PEM files to DER internally
> should solve the problem, though. I will look into it.

I checked the Secure Transport API docs, and the only way to import a
privkey + certificate for client authentication seems to be via PKCS12
files.

Documentation for the --cert option actually explicitly states that
only PKCS12 is supported, so users need to convert their privkey +
certificate bundles to PKCS12 first.

> Cheers,
> Vilmos
>
>> --
>>
>> / daniel.haxx.se
>>
>> -------------------------------------------------------------------
>> List admin: http://cool.haxx.se/list/listinfo/curl-library
>> Etiquette: http://curl.haxx.se/mail/etiquette.html
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-09-04