Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

NSS: client certificate not found (nickname not specified)?

Tags:

curl

openssl

centos

libcurl

centos6

I'm trying to access a third-party service via PHP curl on a Centos 6 system which comes with curl and libcurl compiled against NSS instead of OpenSSL.

This is causing problems for me, every time I try to access the service I get this error NSS: client certificate not found (nickname not specified).

My understanding is that I need to install the certificates in the NSS database.

I'm looking for step by step instructions on how to do this (keep in mind, I need this to work with PHP curl functions called from Nginx server)

Thanks

like image 263
Jason Avatar asked Apr 02 '13 20:04

Jason

People also ask

What is NSS client certificate?

The certificate service of the NSS server is used to create and verify digital signatures on behalf of an NSS client. Certificates for stacks that are configured to use the NSS certificate service must be on the key ring of the NSS server.

How do I pass client certificate in curl?

Using curl with a client certificate can be achieved in a couple of ways. You can curl with a certificate and key in the same file or curl with a certificate and private key in separate files. Where -v is verbose, -GET is a GET request, --key key. pem is the key file or path to the private key, --cert cert.

What is NSS curl?

curl is a tool to transfer data from or to a server, using one of the supported protocols (HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE). The command is designed to work without user interaction. 1. Set SSL_DIR environment variable to path of your NSS database.

1 Answers

Try prefixing the certificate filename with "./", or using the full path. From the curl manpage:

If curl is built against the NSS SSL library then this option [--cert] can tell curl the nickname of the certificate to use within the NSS database defined by the environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM PKCS#11 module (lib- nsspem.so) is available then PEM files may be loaded. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname.

(emphasis mine)

Alternatively, some instructions for importing into the NSS certificate database are here, although I have not used them: http://rcritten.fedorapeople.org/nss_compat_ossl.html

like image 154
pimlottc Avatar answered Sep 24 '22 19:09

pimlottc
Sign in to Comment

Related questions

Homebrew installation on Mac OS X Failed to connect to raw.githubusercontent.com port 443
Conversion of curl to python Requests
Get file content via PHP cURL [closed]
Installing curl to PHP cli
Downloading all the files in a directory with cURL
PHP, How to Redirect/Forward HTTP Request with header and body?
curl: (58) Unable to load client key -8178
download a file from ftp using curl and php
Github API v3 doesn't show all user repositories
How do I POST form data with UTF-8 encoding by using curl?
How to update cURL on OSX El Capitan?
Multiline curl command
Curl "write out" value of specific header
Bash curl and variable in the middle of the url
curl 302 redirect not working (command line)
bash curl command not found on OS X. Where can I find it?
file_get_contents('php://input') always returns an empty string
Using PUT method with PHP cUrl Library
cURL , get redirect url to a variable
How to run the HTTP request without using CURL

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!