我正努力翻译下面的命令
curl "https://my.website.address.com" --key path\to\client_key.pem --cert path\to\client.crt --pass P4$$w0rD
使用pycurl:
的python脚本import pycurl
URL = "https://my.website.address.com"
KEY_PATH = "path\to\client_key.pem"
CERT_PATH = "path\to\client.crt"
CA_PATH = "path\to\curl-ca-bundle.crt"
USERNAME = "my_username"
PASSWORD = "P4$$w0rD"
c = pycurl.Curl()
c.setopt(pycurl.URL, URL)
c.setopt(pycurl.SSLKEY, KEY_PATH)
c.setopt(pycurl.PASSWORD, PASSWORD)
c.setopt(pycurl.SSLCERT, CERT_PATH)
c.setopt(pycurl.USERNAME, USERNAME)
c.setopt(pycurl.SSL_VERIFYHOST, 2)
c.setopt(pycurl.SSL_VERIFYPEER, True)
c.setopt(pycurl.CAINFO, CA_PATH)
c.setopt(pycurl.VERBOSE, True)
c.perform()
c.close()
因此,我们同意www.my.webiste.address.com的IP地址为667.667.667.667;)
运行脚本时总是出现此错误:
* Hostname was NOT found in DNS cache
* Trying 667.667.667.667...
* Connected to my.webiste.address.com (667.667.667.667) port 443 (#0)
* schannel: SSL/TLS connection with my.webiste.address.com port 443 (step 1/3)
* schannel: checking server certificate revocation
* schannel: sending initial handshake data: sending 204 bytes...
* schannel: sent initial handshake data: sent 204 bytes
* schannel: SSL/TLS connection with my.webiste.address.com port 443 (step 2/3)
* schannel: failed to receive handshake, need more data
* schannel: SSL/TLS connection with my.webiste.address.com port 443 (step 2/3)
* schannel: encrypted data buffer: offset 1260 length 4096
* schannel: encrypted data length: 1162
* schannel: encrypted data buffer: offset 1162 length 4096
* schannel: received incomplete message, need more data
* schannel: SSL/TLS connection with my.webiste.address.com port 443 (step 2/3)
* schannel: encrypted data buffer: offset 3157 length 4096
* schannel: next InitializeSecurityContext failed: SEC_I_INCOMPLETE_CREDENTIALS (0x00090320) - The credentials supplied were not complete, and could not be verified. Additional information can be returned from the context.
* Closing connection 0
* schannel: shutting down SSL/TLS connection with my.webiste.address.com port 443
Traceback (most recent call last):
File "C:/path/to/project/main.py", line 59, in <module>
main()
File "C:/path/to/project/main.py, line 51, in main
c.perform()
pycurl.error: (35, 'schannel: next InitializeSecurityContext failed: SEC_I_INCOMPLETE_CREDENTIALS (0x00090320) - The credentials supplied were not complete, and could not be verified. Additional information can be returned from the context.')
* schannel: clear security context handle
* schannel: clear credential handle
你知道它看起来应该怎么样吗?
答案 0 :(得分:0)
我发现的问题出现在我自己的代码中 -
而不是client_key.c_str()我在client_key中传递了一个std :: string;因为curl_easy_setopt是一个宏,所以编译得很好。但是我应该传递const char *。
=========================
if (RestClientClass::client_key.size()) {
curl_easy_setopt(curl, CURLOPT_SSLKEY, RestClientClass::client_key.c_str());
curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM");
}
if (RestClientClass::client_certificate.size()) {
curl_easy_setopt(curl, CURLOPT_SSLCERT, RestClientClass::client_certificate.c_str());
curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
}