I have resolved this issue. My learnings so far...
CURL command accepts thumbprint in the command line instead of certificate files. We need to mention the thumbprint using the certificate store path. To get the certificate store and thumbprint run the following command in the powershell.
cd Cert:\LocalMachine\My\
Get-ChildItem -Path Cert:\LocalMachine\My\ (To get the certificate thumbprint)
PS Cert:\LocalMachine> curl.exe -X PUT -H "Content-Type: application/json" -d '{"DatabaseName": "DB_Name"}' --cert "LocalMachine\My\xxxxxx" --key "D:\RavenDB\certificates\xxx.key" https://xxx:000/admin/databases
This is the command which finally worked to create a database using CURL Command in Ravendb.
Thanks
Kannadasan
Related
I am trying to run curl command from Red Hat Enterprise Linux 7 server with curl below:-
*curl -0 -v --cert-type p12 --cert /mycert.p12:<password> --cacert /my_sec_cert.cer -X GET "https://<url>"*
and ended up with the error :-
unable to load client cert: -8018 (SEC_ERROR_UNKNOWN_PKCS11_ERROR)
NSS error -8018 (SEC_ERROR_UNKNOWN_PKCS11_ERROR)
When i am using pem certificate for same curl command with private key. Its working fine for me.
Can anyone suggest how to use p12 with Rhel7 here? Thanks
I want to automate the addition and removal of VMs from the RHEL Subscription. I want to use a curl command if possible and keep it simple.
I tried executing curl commands on the api.access.redhat.com/management/v1/subscriptions endpoints but it is giving errors like "Authentication parameters missing".
Below is an example command I am using:
curl -X GET -s -k -u username:Password "https://api.access.redhat.com/management/v1/subscriptions" -H "accept: application/json"
Expected to see the list of Subscribed systems but getting the "Authentication parameters missing" message.
In order to get all the subscriptions you have, run the following command:
curl -H "Authorization: Bearer $access_token" "https://api.access.redhat.com/management/v1/subscriptions"
You can retrieve the access_token variable by running the following command:
curl https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token -d grant_type=refresh_token -d client_id=rhsm-api -d refresh_token=$offline_token
The offline_token, instead, has to be generated from the API Tokens Page.
Check this article for further details.
I have a script that attempts to replace my site's SSL cert on Cloudflare.
Certbot auto-renews the cert on the local server from Letsencrypt every three months. Now, the SSL .pem certificate renewed by certbot needs to be uploaded to Cloudflare using its API.
PRIVATE_KEY="/etc/letsencrypt/live/autoxxx.com.au/privkey.pem"
CERTIFICATE="/etc/letsencrypt/live/aautoxxx.com.au/cert.pem"
# read from files
PRIVATE_KEY=`cat $PRIVATE_KEY`
CERTIFICATE=`cat $CERTIFICATE`
DATA='{"private_key":"'$PRIVATE_KEY'","certificate":"'$CERTIFICATE'","bundle_method":"ubiquitous"}'
curl -i \
-X PATCH "https://api.cloudflare.com/client/v4/zones/rCWR4i3A24NZEzI4dFLYLAhU7tUBtJUSYQkh/custom_certificates/iqXVG2FV8Cgj5FXGMexIoJovtFQx5UhecVya" \
-H "X-Auth-Email: webdev#autoxxx.com.au" \
-H "X-Auth-Key: pg5Q89JI33nsgdA9iZwPky3q" \
-H "Content-Type: application/json" \
-d "$DATA" --trace-ascii /dev/stdout
But, running this script throws the following error
{"success":false,"errors":[{"code":6007,"message":"Malformed JSON in request body"}],"messages":[],"result":null}
Tried the quotes suggestion as in answer to the following question, but still the same error.
Why do I get a malformed JSON in request body in this cURL call?
I searched Google extensively.
Tried the following https://docs.vmware.com/en/Unified-Access-Gateway/3.0/com.vmware.access-point-30-deploy-config.doc/GUID-870AF51F-AB37-4D6C-B9F5-4BFEB18F11E9.html to put .pem into a single line. Used awk 'NF {sub(/\r/, ""); printf "%s\n",$0;}' to achieve this, but now it threw "Invalid Certificate" response.
The following code works perfectly. The above awk command was replacing carriage returns with new line \n, but Cloudflare, apparently, wants the literal "\n".
PRIVATE_KEY="/etc/letsencrypt/live/autoxxx.com.au/privkey.pem"
CERTIFICATE="/etc/letsencrypt/live/aautoxxx.com.au/cert.pem"
# read from file, put the .pem into single line and replace carriage returns with the literal "\n"
PRIVATE_KEY=`awk 'NF {sub(/\r/, ""); printf "%s\\\n",$0;}' $PRIVATE_KEY`
CERTIFICATE=`awk 'NF {sub(/\r/, ""); printf "%s\\\n",$0;}' $CERTIFICATE`
DATA='{"private_key":"'$PRIVATE_KEY'","certificate":"'$CERTIFICATE'","bundle_method":"ubiquitous"}'
curl -i \
-X PATCH "https://api.cloudflare.com/client/v4/zones/rCWR4i3A24NZEzI4dFLYLAhU7tUBtJUSYQkh/custom_certificates/iqXVG2FV8Cgj5FXGMexIoJovtFQx5UhecVya" \
-H "X-Auth-Email: webdev#autoxxx.com.au" \
-H "X-Auth-Key: pg5Q89JI33nsgdA9iZwPky3q" \
-H "Content-Type: application/json" \
-d "$DATA" --trace-ascii /dev/stdout
I have a curl command that I'd like to have run as a collection using newman:
curl -i -v \
-H "X-FromAppId: APPLICATION" \
-H "X-TransactionId: 22222222" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
--cacert iis_cert_2018_07.pem \
--key iis_cert_2018_07.pem \
--cert iis_cert_2018_07.pem \
-X GET https://iis-udev02.dev.test.com:8443/iis/v1/common/policies/343
--insecure
I have a collection that executes that GET request, and it works just fine on Postman (after configuring the certs in the UI), but how do I notify newman of those certs when running the collection through the commandline?
I've tried:
newman run GETRequest.postman_collection.json --ssl-client-cert iis_cert_2018_07.pem --ssl-client-passphrase iis_cert_2018_07.pem --insecure
But that doesn't work.
How is a cert sent in a newman request?
You are passing in the key as the passphrase here: --ssl-client-passphrase iis_cert_2018_07.pem, it should be --ssl-client-key iis_cert_2018_07.pem
Try:
newman run GETRequest.postman_collection.json --ssl-client-cert iis_cert_2018_07.pem --ssl-client-key iis_cert_2018_07.pem --insecure
This should work assuming the key is not encrypted with a passphrase, and everything else is right.
The relevant newman documentation is here:
https://www.npmjs.com/package/newman#ssl-client-certificates
if you have the key encrypted then you can use the below command
newman run GETRequest.postman_collection.json --ssl-client-cert iis_cert_2018_07.pem --ssl-client-key iis_cert_2018_07key.pem --ssl-client-passphrase password
I am trying to update the folder name in box.com using curl tool in windows command prompt. However, I am not able to do that and getting the "insufficient permissions" error. Following is the exact curl command I am using with the request parameters for updating the folder:
curl -i https://api.box.com/2.0/folders/0 -H "Authorization: Bearer rn4lh6kST6bhmaLEuZdjMtxXpTfORg1B" -d "{\"name\":\"New Folder Name!\"}'-X PUT
And I am getting the following error:
{"type":"error","status":403,"code":"access_denied_insufficient_permissions","help_url":"http:\/\/developers.box.com\/docs\/#errors","message":"Access denied - insufficient permission","request_id":"11155318795551a7373138a"}
I get the same error for "DELETE" the folder command in curl.
Can anyone please help me with this?
I believe your issue is with the quote escaping. Also, you have -d "....' (note the mismatched " and '
Try the following commands that are from Box API: (Don't forget to add your folder ID & Access Token)
Update Folders
curl https://api.box.com/2.0/folders/FOLDER_ID
-H "Authorization: Bearer ACCESS_TOKEN" -d '{"name":"New Folder Name!"}' -X PUT
Delete Folders
curl https://api.box.com/2.0/folders/FOLDER_ID?recursive=true
-H "Authorization: Bearer ACCESS_TOKEN" -X DELETE