Running Curl Commands for certs

This topic contains 1 reply, has 2 voices, and was last updated by Profile photo of Don Jones Don Jones 1 year, 10 months ago.

  • Author
    Posts
  • #22485
    Profile photo of bvi1998 .
    bvi1998 .
    Participant

    Hi,

    I have 2 curl commands I am supposed to run for certificate validation and signing:

    curl -k -u $USER -w "\n%{http_code}\n" -H "Accept: json" https://site-ca.domain.net/environment/certificate_status/testhost.domain.net

    curl -k –negotiate -u : -X PUT -H "Content-Type: text/json" –data '{"desired_state":"signed"}' https://site-ca.domain.net/environment/certificate_status/testhost.domain.net

    This is way out of my league really.. I've been trying to use Invoke-RestMethod but I am get some trust errors and connections closed errors. Has anyone worked with this before, and would you please help? I am talking to a Linux host from a Windows 2008 server...

    Thanks!

  • #22486
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Invoke-WebRequest (and Invoke-RestMethod) isn't exactly a one-for-one replacement for curl.

    That said, you need to look at some web access basics. Say SERVER1 is sending the request, and SERVER2 is the web server. Because you're using HTTPS, SERVER2 is going to be expected to present an SSL certificate. Does SERVER1 trust the CA that issued the certificate? If not, it won't work – and that sounds like your problem. I don't think Invoke-RestMethod has an override to let you connect to an untrusted server – you're going to have to install the appropriate trust on SERVER1 so that it trust's SERVER2's certificate.

    SSL is pointless if the client machine (SERVER1) doesn't trust the certificate. If you can't use HTTP (take SSL out of it), then you need to get that trust in place.

    I suppose you could consider downloading curl for Windows. http://curl.haxx.se/download.html. Specifically, there's an MSI installer at http://www.confusedbycode.com/curl/, allegedly.

You must be logged in to reply to this topic.