topic Re: Calling curl with https in Alfresco Archive

Calling curl with https

hasi_webmail — Wed, 11 Apr 2012 07:19:23 GMT

I want to call to alfresco using curl with https for testing. Currently it works for http fine. Can any one help me in this isue?curl -vi –cacert AlfrescoRepository "https://localhost:8443/alfresco/service/api/login?u=a123&pw=a123" * About to connect() to localhost port 8443 (#0)* Trying ::1…

Re: Calling curl with https

mitpatoliya — Wed, 11 Apr 2012 07:27:44 GMT

Generally we need to register the certificate with the jdk on server.
So that for each call it will be validated from there.
Just a hint.

Re: Calling curl with https

hasi_webmail — Wed, 11 Apr 2012 07:34:39 GMT

You mean like this?? I have already added. But its same…… :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll: :roll:
see;

$keytool -keystore my-ssl-keystore -importcert -alias AlfrescoRepository -file AlfrescoRepository

Enter keystore password:
Re-enter new password:
Owner: CN=Alfresco Repository, OU=Unknown, O=Alfresco Software Ltd., L=Maidenhead, ST=UK, C=GB
Issuer: CN=Alfresco CA, O=Alfresco Software Ltd., L=Maidenhead, ST=UK, C=GB
Serial number: 4
Valid from: Thu Aug 18 17:34:11 IST 2011 until: Fri Aug 17 17:34:11 IST 2012
Certificate fingerprints:
    MD5: FB:A0:FA:3E:1C:37:4E:A1:89:3B:A3:92:C6:E3:25:62
    SHA1: 13:2C:7A:FD:12:80:8E:F3:439:89:B67:2B:B8:C0:FD:0D:FB5
    Signature algorithm name: SHA1withRSA
    Version: 1
Trust this certificate? [no]: yes
Certificate was added to keystore

Im getting angry now :twisted: :twisted: :twisted: :twisted: :twisted: :twisted: :twisted:
any one know whs the issue?

Re: Calling curl with https

hasi_webmail — Tue, 17 Apr 2012 09:49:31 GMT

I,m still looking for this :?: :?: :?: :?: 61 views ans 3 replies?? come on peers…….. reviews??

Re: Calling curl with https

wabson — Tue, 17 Apr 2012 19:00:05 GMT

Hi, I'd suggest limiting the use of smilies in your posts, if you want others to consider them seriously.

Regarding the issue itself, I think the –insecure (or -k) option is what you want. This tells cURL to ignore any problems with the SSL connection, such as self-signed certificates.

Cheers,
Will

Re: Calling curl with https

hasi_webmail — Wed, 18 Apr 2012 16:37:27 GMT

Hi, I'd suggest limiting the use of smilies in your posts, if you want others to consider them seriously.

Regarding the issue itself, I think the –insecure (or -k) option is what you want. This tells cURL to ignore any problems with the SSL connection, such as self-signed certificates.

Cheers,
Will

Well, in this case, i dont want to use the insecure option, can you explain me how this certificate is make in this issue? I may be did something wrong somewhere.

Re: Calling curl with https

cnatcisco — Wed, 08 May 2013 03:00:40 GMT

open the url "https://localhost:8443/alfresco/service/api/login?u=a123&pw=a123" in a chrome browser

for all sites with self signed certificate it will complain that the is site in not a trusted site.

click the lock icon near the url, it will show a link to see the certificate information, click the link it will open the self signed certificate, goto details tab, click "copy to file" button , then click next button, then select the format " \DER encoded binary x.509(.cer) "

click next button , give the path of a file then click next and then click finish button.

Now go to certification path tab , click each and every certificate in the tree , start from the root and export each and every certificate chain and save it as mentioned above.

now move these files to /tmp/ assume the file names are file1.cer and file2.cer

excute the below command to convert the certificates to PEM format.
openssl x509 -inform DES -in file1.cer -out file1.pem -text
openssl x509 -inform DES -in file2.cer -out file2.pem -text

now append these files to AlfrescoRepository

cat file1.pem >> AlfrescoRepository
cat file2.pem >> AlfrescoRepository

Now execute the curl command.

curl -vi –cacert AlfrescoRepository "https://localhost:8443/alfresco/service/api/login?u=a123&pw=a123"

Let me know if you need any clarification….