
Support for SSL Client Authentication in phantomjs

Tags: ssl, phantomjs

This commit: support for SSL Client Authentication ...tells us there is a certificate flag to play with...

My attempt:

phantomjs main.js \
  --ssl-protocol=any \
  --ssl-client-certificate-file=/tmp/joppli/data/certificate/certificado.crt \
  --ssl-client-key-file=/tmp/joppli/data/certificate/certificado.key \
  --ssl-client-key-passphrase=foobar \
  --web-security=false

Whatever I try, however, I can't access the page. I get:

page.onLoadFinished
arguments[0] = "fail"

Is the above command correct? Why does it fail? How can I debug what's wrong? (The fail message leaves much to be desired.)

The page I'm trying to access is: https://www.sedecatastro.gob.es/
Without the SSL: http://www.sedecatastro.gob.es/ it works just fine, though.

I can't, however, access some parts of this webpage without a specific certificate:

  • https://www.sedecatastro.gob.es/OVCFrames.aspx?TIPO=TIT
  • https://www.sedecatastro.gob.es/Accesos/SECAccTitular.aspx?Dest=20

superhero asked Sep 07 '15 14:09


People also ask

Does SSL provide client authentication?

SSL-enabled servers can be configured to require client authentication, or cryptographic validation by the server of the client's identity.

How does SSL client authentication work?

If the SSL or TLS server requires client authentication, the server verifies the client's identity by verifying the client's digital certificate with the public key for the CA that issued the personal certificate to the client, in this case CA X.


1 Answer

The HTTPS version of the site isn't providing its entire chain of TLS certificates, which causes phantomjs to fail on an untrusted certificate. Try adding --ignore-ssl-errors=true to your command line, and see if that works. If so, the proper solution will be to download the intermediate CA's certificate, and then tell phantomjs to trust it with --ssl-certificates-path=/path/to/ca.pem.

The certificate you need is available at https://ssl-tools.net/certificates/ec503507b215c4956219e2a89a5b42992c4c2c20.pem, and further diagnostics are available at https://www.ssllabs.com/ssltest/analyze.html?d=sedecatastro.gob.es

dncook answered Sep 28 '22 07:09
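
The incomplete-chain failure described in the answer can be reproduced offline with the openssl CLI. This is an added example, not part of the original question or answer; the three-level PKI, its names (Demo Root CA, Demo Intermediate CA, demo.invalid) and the helper functions are constructed for illustration. It also checks that a certificate and private key belong together, which is worth confirming for the pair passed to --ssl-client-certificate-file and --ssl-client-key-file.

```shell
#!/bin/sh
# Constructed demo PKI (valid 1 day): root -> intermediate -> leaf.

# issue NAME CN SIGNER EXTFILE: new key + CSR, signed by SIGNER ("self" = root)
issue() {
  openssl req -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1.csr" \
    -subj "/CN=$2" 2>/dev/null || return 1
  if [ "$3" = self ]; then sign="-signkey $1.key"
  else sign="-CA $3.pem -CAkey $3.key -CAcreateserial"; fi
  # $sign is deliberately unquoted; the file names here contain no spaces
  openssl x509 -req -in "$1.csr" $sign -extfile "$4" -days 1 \
    -out "$1.pem" 2>/dev/null
}

# build_pki DIR: write the demo chain plus bundle.pem (root + intermediate)
build_pki() (
  cd "$1" || exit 1
  echo 'basicConstraints=critical,CA:TRUE' > ca.ext
  echo 'basicConstraints=CA:FALSE' > leaf.ext
  issue root 'Demo Root CA' self ca.ext &&
  issue int 'Demo Intermediate CA' root ca.ext &&
  issue leaf 'demo.invalid' int leaf.ext &&
  cat root.pem int.pem > bundle.pem
)

# chain_ok LEAF TRUSTED [SENT]: TRUSTED is the client's CA file, SENT holds
# the extra certificates the server presents during the handshake
chain_ok() {
  openssl verify -CAfile "$2" ${3:+-untrusted "$3"} "$1" >/dev/null 2>&1
}

# key_matches CERT KEY: public key in CERT equals the one derived from KEY
key_matches() {
  c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
  k=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
  [ -n "$c" ] && [ "$c" = "$k" ]
}

demo() {
  d=$(mktemp -d) && build_pki "$d" || return 1
  chain_ok "$d/leaf.pem" "$d/root.pem" || echo "server omits intermediate: verification fails"
  chain_ok "$d/leaf.pem" "$d/root.pem" "$d/int.pem" && echo "server sends intermediate: OK"
  chain_ok "$d/leaf.pem" "$d/bundle.pem" && echo "client trusts intermediate locally: OK"
  key_matches "$d/leaf.pem" "$d/leaf.key" && echo "certificate and key match"
  rm -rf "$d"
}
demo
```

The third case is the offline equivalent of the answer's fix: the client supplies the missing intermediate itself, which is what pointing --ssl-certificates-path at the downloaded CA certificate does.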