- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我正在使用来自 WINDOWS 的 CURL 命令。我已经在下面发布了命令。我还发布了命令的结果。在我看来,服务器在发送证书之前终止了连接。但我可能错了。没有发送证书的任何想法?
curl -v --cert C:\Users\myFolder\Downloads\hs_test_cert.pem --key C:\Users\myFolder\Downloads\hst_test_key.pem https://myAPIGEEhost.apigee.net/MyBackendName_CCDA_API?apikey=MyAssignedAPIKey
* Trying 00.00.00...
* TCP_NODELAY set
* Connected to myAPIGEEhost.apigee.net (00.00.00) port 443 (#0)
* schannel: SSL/TLS connection with myAPIGEEhost.apigee.net port 443 (step 1/3)
* schannel: checking server certificate revocation
* schannel: sending initial handshake data: sending 203 bytes...
* schannel: sent initial handshake data: sent 203 bytes
* schannel: SSL/TLS connection with myAPIGEEhost.apigee.net port 443 (step 2/3)
* schannel: failed to receive handshake, need more data
* schannel: SSL/TLS connection with myAPIGEEhost.apigee.net port 443 (step 2/3)
* schannel: encrypted data got 4096
* schannel: encrypted data buffer: offset 4096 length 4096
* schannel: encrypted data length: 4026
* schannel: encrypted data buffer: offset 4026 length 4096
* schannel: received incomplete message, need more data
* schannel: SSL/TLS connection with myAPIGEEhost.apigee.net port 443 (step 2/3)
* schannel: encrypted data got 964
* schannel: encrypted data buffer: offset 4990 length 5050
* schannel: a client certificate has been requested
* schannel: SSL/TLS connection with myAPIGEEhost.apigee.net port 443 (step 2/3)
* schannel: encrypted data buffer: offset 4990 length 6014
* schannel: sending next handshake data: sending 133 bytes...
* schannel: SSL/TLS connection with myAPIGEEhost.apigee.net port 443 (step 2/3)
* schannel: encrypted data got 274
* schannel: encrypted data buffer: offset 274 length 6014
* schannel: SSL/TLS handshake complete
* schannel: SSL/TLS connection with myAPIGEEhost.apigee.net port 443 (step 3/3)
* schannel: stored credential handle in session cache
> GET /MyBackendName_CCDA_API?apikey=MyAssignedAPIKey HTTP/1.1
> Host: myAPIGEEhost.apigee.net
> User-Agent: curl/7.55.1
> Accept: */*
>
* schannel: client wants to read 102400 bytes
* schannel: encdata_buffer resized 103424
* schannel: encrypted data buffer: offset 0 length 103424
* schannel: encrypted data got 421
* schannel: encrypted data buffer: offset 421 length 103424
* schannel: decrypted data length: 361
* schannel: decrypted data added: 361
* schannel: decrypted data cached: offset 361 length 102400
* schannel: encrypted data length: 31
* schannel: encrypted data cached: offset 31 length 103424
* schannel: server closed the connection
* schannel: schannel_recv cleanup
* schannel: decrypted data returned 361
* schannel: decrypted data buffer: offset 0 length 102400
< HTTP/1.1 400 Bad Request
< Date: Mon, 27 Sep 2021 18:22:21 GMT
< Content-Type: text/html
< Content-Length: 231
< Connection: close
<
<html>
<head><title>400 No required SSL certificate was sent</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>No required SSL certificate was sent</center>
<hr><center>server</center>
</body>
</html>
* Closing connection 0
* schannel: shutting down SSL/TLS connection with myAPIGEEhost.apigee.net port 443
* schannel: clear security context handle
最佳答案
It appears to me, the server is terminating the connection before sending the certificate. But I could wrong.
HTTPS 连接的 TLS 握手成功,否则服务器无法发送 HTTP 响应 - 它显然已经发送了。
* schannel: a client certificate has been requested
此调试消息表明服务器向客户端请求证书,即相互身份验证。此证书请求在服务器已将其自己的证书发送给客户端之后出现。
<center>No required SSL certificate was sent</center>
虽然您在命令行上提供了客户端证书和 key ,但实际上并没有发送任何证书和 key 。原因是 curl 7.55.1(您正在使用的)中的 SChannel 不支持客户端证书,请参阅 TODO :
15.1 Add support for client certificate authentication
WinSSL/SChannel currently makes use of the OS-level system and user
certificate and private key stores. This does not allow the application
or the user to supply a custom client certificate using curl or libcurl.
Therefore support for the existing -E/--cert and --key options should be
implemented by supplying a custom certificate to the SChannel APIs, see:
- Getting a Certificate for Schannel
https://msdn.microsoft.com/en-us/library/windows/desktop/aa375447.aspx
在较新的版本中添加了对客户端证书的更好支持,但即使使用当前最新版本 (7.79.),也无法使用 SChannel TLS 后端将 PEM 文件作为证书或 key 提供。
关于ssl - CURL 显示 "No required SSL certificate was sent"前夕,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/69351906/
我已经基于Flask Eve框架实现了简单的REST API。 现在,我想添加一些基于用户角色的自定义ACL。 我对此问题进行了一些调查,找到了有趣的解决方案Flask-ACL: https://mi
我有一个带有以下相关代码的 Python Eve 应用程序: def handle_user_update(request, lookup): if request and request.data:
我正在尝试利用 EVE 公开一个只读的 mongo 文档集合。问题是 EVE 没有返回任何对象字段。 尝试尽可能简单地开始。 My mongodb 'restaurants' collection i
我们已经部署了一个 docker 容器,其中运行着一个 MongoDB 数据库。这是一个简单的数据库,我们在其中存储地理引用传感器数据(例如温度、风速)。由于我们想要查询基于搜索半径的这些地理引用观察
我正在使用来自 WINDOWS 的 CURL 命令。我已经在下面发布了命令。我还发布了命令的结果。在我看来,服务器在发送证书之前终止了连接。但我可能错了。没有发送证书的任何想法? curl -v --
我正在使用 python eve 开发一个网络应用程序。我几乎没有暴露端点。我有一个名为 persons 的端点,数据库模式 userid 中有一个字段。我想使用读取请求参数后生成的随机字符串填充该字
我使用 Python EVE 框架编写了一个 API。尝试从 AngularJS 应用程序访问 API 时显示错误,如下所示: XMLHttpRequest cannot load http://12
我是一名优秀的程序员,十分优秀!