Curl and client SSL certs

From: Stephen Haywood 
------------------------------------------------------
I am trying to access a web site with a client side cert using the Curl
command, curl --cert test.crt --key test.key https://someweb.site. Curl
returns this error message: curl: (58) unable to use client certificate (no
key found or wrong pass phrase?). I have verified that the cert and key go
together using openssl x509 -noout -modulus -in test.crt | openssl md5
and openssl
rsa -noout -modulus -in test.key | openssl md5, which both return the same
MD5 sum. I have also verified the key does not have a passphrase using openssl
rsa -in test.key -out test
===============================================================
From: James Nylen 
------------------------------------------------------
I haven't done this before, but the man page of curl is somewhat confusing
regarding --cert and --key together.

Try this (it looks like it worked here
http://stackoverflow.com/questions/7677994 ):
cat test.crt test.key > test.pem
curl --cert test.pem https://someweb.site

Are the cert and key files PEM?  If not, it looks like you'll need
--cert-type and/or --key-type.




===============================================================
From: Stephen Haywood 
------------------------------------------------------
James,

  Thanks for the help. Apparently, the key file was in PEM format but the
certificate was not in PEM format.

-- 
Stephen Haywood
Information Security Consultant
CISSP, GSEC, OSCP
T: @averagesecguy
W: averagesecurityguy.info