(cc'ing pki-users for more wider audience) Try to extract the admin cert and key from PKCS12 to a PEM file: ```` $ openssl pkcs12 -in ~/.dogtag/pki-tomcat/ca_admin_cert.p12 -out file.crt.pem -clcerts -nokeys $ openssl pkcs12 -in ~/.dogtag/pki-tomcat/ca_admin_cert.p12 -out file.key.pem -nocerts -nodes ````
Then, pass both the cert and key as params to curl: $ curl -v -k -E file.crt.pem --key file.key.pem https:// <host>:8443/ca/rest/agent/certrequests Note that I am passing in `-k` since I am using a self-signed CA cert. Ref: https://stackoverflow.com/questions/32253909/curl-with-a-pkcs12-certificate-in-a-bash-script HTH. Regards, --Dinesh On Wed, Jun 17, 2020 at 7:02 AM Pascal Jakobi <pascal.jak...@gmail.com> wrote: > [root@auth pki-tomcat]# curl -v -E "/tmp/ca_admin.cert" -H "Accept: > application/json" https://zbook.home:8443/ca/rest/agent/certrequests > * Trying 192.168.1.20:8443... > * TCP_NODELAY set > * Connected to zbook.home (192.168.1.20) port 8443 (#0) > * ALPN, offering h2 > * ALPN, offering http/1.1 > * unable to set private key file: '/tmp/ca_admin.cert' type PEM > * Closing connection 0 > curl: (58) unable to set private key file: '/tmp/ca_admin.cert' type PEM > [root@auth pki-tomcat]# > > > For the time being, I do not understand what's to be done... > > Rgds > > P > Le 16/06/2020 à 01:09, Dinesh Prasanth Moluguwan Krishnamoorthy a écrit : > > Hi Pascal, > > What version of PKI are you using? > > Can you try replacing your URL with https protocol and corresponding port > number? https://zbook.home:8443/ca/rest/agent/certrequests > By default, secure port is 8443 > > Regards, > --Dinesh > > On Mon, Jun 15, 2020 at 6:55 PM Pascal Jakobi <pascal.jak...@gmail.com> > wrote: > >> I am trying to retrieve the cert reqs that are in my CA at the moment. >> >> The (wrong) curl command I use is below, with its result : >> >> curl -v -E "/tmp/ca_admin.cert" -H "Accept: application/json" >> http://zbook.home:8080/ca/rest/agent/certrequests >> * Trying 192.168.1.20... >> * TCP_NODELAY set >> * Connected to zbook.home (192.168.1.20) port 8080 (#0) >> > GET /ca/rest/agent/certrequests HTTP/1.1 >> > Host: zbook.home:8080 >> > User-Agent: curl/7.61.1 >> > Accept: application/json >> > >> < HTTP/1.1 302 >> < Cache-Control: private >> < Expires: Thu, 01 Jan 1970 00:00:00 GMT >> < Location: https://zbook.home:8443/ca/rest/agent/certrequests >> < Content-Length: 0 >> < Date: Mon, 15 Jun 2020 22:50:24 GMT >> < >> * Connection #0 to host zbook.home left intact >> >> Can someone tell me what's the correct curl command or why don't I >> receive anything as a result ? >> >> >> Thank you in advance. >> -- >> *Pascal Jakobi* >> _______________________________________________ >> Pki-users mailing list >> Pki-users@redhat.com >> https://www.redhat.com/mailman/listinfo/pki-users > > -- > *Pascal Jakobi* 116 rue de Stalingrad 93100 Montreuil, France > pascal.jak...@gmail.com - +33 6 87 47 58 19 >
_______________________________________________ Pki-users mailing list Pki-users@redhat.com https://www.redhat.com/mailman/listinfo/pki-users
