Hi,

I'm trying to use client certificates with Drakma to call an existing web based 
API.

I have the latest code from https://github.com/edicl/drakma installed in my 
quicklisp local-projects directory. I'm using SBCL on OS X and Linux.

The client certificate is a .pfx file, and I've converted it to .pem format 
using

openssl pkcs12 -in robblackwellmanage.pfx -out robblackwellmanage.pfx.pem

I have verified that this works as a server certificate, using hunchentoot, thus:

(hunchentoot:start
 (make-instance 'hunchentoot:ssl-acceptor
                :ssl-privatekey-file "/Users/reb/certs/robblackwellmanage.pfx.pem"
                :ssl-certificate-file "/Users/reb/certs/robblackwellmanage.pfx.pem"
                :ssl-privatekey-password "password"
                :port 4343))

When I try to use this as a client certificate:

(drakma:http-request resource
                     :certificate "/Users/reb/certs/robblackwellmanage.pfx.pem"
                     :key "/Users/reb/certs/robblackwellmanage.pfx.pem"
                     :certificate-password "password"
                     :method :get
                     :content ""
                     :content-type "application/xml"
                     :additional-headers headers)

I get the following error

SSL initialization error: Can't load certificate passwordSSL error queue is 
empty.
   [Condition of type CL+SSL::SSL-ERROR-INITIALIZE]

Interestingly, if I deliberately supply the wrong password then I get a 
different error

SSL initialization error: Can't load RSA private key file 
/Users/reb/certs/robblackwellmanage.pfx.pemSSL error queue is empty.
   [Condition of type CL+SSL::SSL-ERROR-INITIALIZE]

I guess I'm doing something really silly - please excuse my ignorance, but any 
advice, suggestions or guidance on how to proceed would be very much 
appreciated.

Thanks!

Rob
_______________________________________________
drakma-devel mailing list
drakma-devel@common-lisp.net
http://lists.common-lisp.net/cgi-bin/mailman/listinfo/drakma-devel
