i am trying to my a request to an API endpoint but all i have is
openssl s_clinet -connect aeonssl.qa.bltelecoms.net:443
on the terminal this returns ssl key and awaits for xml request parameters
<request><EventType>Authentication</EventType><event><UserPin>###</UserPin><DeviceId>###</DeviceId><DeviceSer>###</DeviceSer><TransType>###</TransType><Reference>###</Reference></event></request>
this is a persistent connection and am trying to do this in PHP or JavaScript
when testing the connection on the terminal am getting the desired result but i don't know how to automate the request in any language
can anyone help me out
thanks
Related
I need to get information about a VM using curl with REST calls. I have this information where 1701 is the VM ID
GET /api/v1/vms/1701 HTTP/1.1
Host: vmlam.ral.sf.com
Authorization: Token token=4210
I tried this in cygwin but it did not work
c:/curl-7.69.0-win64-mingw/bin/curl -X GET -d '{Authorization: Token token=4210}' 'https:/vmlam.ral.sf.com//api/v1/vms/1701'
curl: (60) SSL certificate problem: unable to get local issuer
certificate More details here: curl.haxx.se/docs/sslcerts.html curl
failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this
situation and how to fix it, please visit the web page mentioned
above.
That seems like a certificate issue, you can skip the check with the option -k (or --insecure)
From curl documentation (man curl):
-k, --insecure
(TLS) By default, every SSL connection curl makes is verified to be secure. This option allows curl to proceed and operate even for server connections other‐
wise considered insecure.
The server connection is verified by making sure the server's certificate contains the right name and verifies successfully using the cert store.
See this online resource for further details:
https://curl.haxx.se/docs/sslcerts.html
See also --proxy-insecure and --cacert.
I am intending to POST Nest API to get the access token with ESP8266 or Arduino.
I read carefully https://developers.nest.com/guides/api/how-to-auth#test_for_csrf_attacks and Calling nest api with esp8266 using arduinoEDK
I tried to POST api.home.nest.com wth with URL:/oauth2/access_token but don't know what port to: I tried 80, 9553 and 443 with no success.
Nest runs its API over HTTPS, which uses port 443. Even if they allowed port 80 you should not use that; you'd be transmitting your credentials or API token unencrypted, which is dangerous.
If your code is running on an ESP8266 be sure to use an SSL library. It's not enough to just speak the HTTP protocol to port 443.
You didn't share any code so I can't advise further, but consider using the BearSSL::WiFiClientSecure class for your connection.
There's a good example of this at
https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266HTTPClient/examples/BasicHttpsClient/BasicHttpsClient.ino
You'll need to know the SSL fingerprint for the Nest server. You can find this by running
openssl s_client -connect api.home.nest.com:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout | cut -d'=' -f2
in a terminal window on a Mac or Linux computer. The fingerprint allows your client to confirm that the server is who it claims to be.
As I write this, the fingerprint is currently:
DE:AA:EB:EE:C0:4B:14:97:27:C8:29:46:5C:05:44:2C:26:DE:55:6B
Be aware that this can change with time (or even depending on the specific server which handles your request), so you may need to change it. You can find the line that calls client->setFingerprint() in the example at the link above; that's where you'd use server fingerprint.
I've been playing around with Curl, trying to do what should be a simple POST of a file to a web service for a couple of days and not getting anywhere.
The target POST service is unauthenticated HTTPS. When trying to run my POST request via Curl or via Informatica, I am getting an SSL handshake failure with both methods.
For example:
curl -X POST -F 'file=#filename.dat' https://url
I have been able to get this to work using Postman, so I know the service works. According to network security, SSL is disabled in this environment. Am I out of luck, or is there a way to get this to work without SSL?
Specific error encountered:
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
By default, a client establishing a HTTPS URL connection will check the validity of a SSL certificate - otherwise, what's the point of using SSL?
In your case, you are saying "Pretend to use HTTPS but actually, ignore the certificate", because it's invalid, or you are still getting one, or you are in the development phase (I hope the latter is true, and get or create a valid sever certificate when needed).
But curl doesn't know that. It is assuming you are asking it to establish a connection with an HTTPS endpoint - thus it will try to validate the certificate - which, in your case, may be the source of the failure.
Try curl -k -X POST -F 'file=#filename.dat' https://url
From the manpage:
-k, --insecure
(TLS) By default, every SSL connection curl makes is verified to be secure. This option allows curl to proceed and operate even for server connections otherwise considered insecure.
The server connection is verified by making sure the server's certificate contains the right name and verifies successfully using the cert store.
See this online resource for further details:
https://curl.haxx.se/docs/sslcerts.html
See also --proxy-insecure and --cacert.
I am trying to test a cURL command from my server. The command is requesting a JSON response from a URL that is https.
The cURL seems to be stuck, with no response and it doesn't time out.
However, I have tested it from my local machine and the cURL command works fine.
Do I need an SSL certificate installed on the server for it be able to send cURL commands to an https URL?
No you don't need an SSL cert to send a command like curl via https (unless your server uses two way ssl).
You DO need one at the other end for the https server that receives the command from curl.
However if it's a self signed cert then it may not be recognised by curl and you may get an error instead of a successful connection.
The fact the process is hanging suggests a network/connectivity issue rather than an SSL issue. Can you telnet to the machine using port 443 or does that hang too?
telnet www.example.com 443
Should respond.
I am writing a remote API to handle some backend processes and my API typically takes about 30 seconds to complete the operation (I am fine with the wait time, it is an internal process). When I make a cURL call to the API, I get the following message curl: (52) Empty reply from server.
I need the cURL to wait for the response, -m and connect-timeout do not seem to help.
Additional information : I am using Sinatra for the backend API
I try It with get "/"; sleep(30); "response"; end an just use curl without any additional parameter and it work fine.
This mean normally it's not sinata or curl. It's something between like a proxy with timeout, a application server or anything else.
I was getting the same error and traced it to be an issue with my proxy settings. Specifically I'm using TSOCKS to send everything to a socks proxy. Disabling TSOCKS allowed curl to work. Specifying the socks proxy with the curl command resolved the issue.
eg. curl --proxy socks5h://192.168.0.5:8111 http://webserver.com/file.ext