Trying to use curl to connect to a FTPS server that requires a digital cert for client auth. Cannot get it to work. Any experts?
curl --help
curl -u $YOUR_USER_NAME: --key ~/.ssh/$YOUR_SSH_KEY --pubkey ~/.ssh/$YOUR_PUBLIC_KEY.pub sftp://$HOST/$PATH
Sorry! I just Googled and came up with this:This is FTPS not SFTP. Not SSH based. The people who want to use this run Linux and they use curl so I need to test with curl.
The goal is to use a personal cert on the client for authentication and eliminate requiring a PW. I have it working from a FTPS client but not from a curl client.
curl -v --user --ftp-ssl --ftp-ssl-reqd --ftp-pasv --disable-epsv --key mykey.pem --cert mycert.crt -T pubkey.txt ftp:///
I am not sure this command will actually work. I do not understand the "-T" option. The file pubkey.txt are (most likely) the root and intermediate public keys needed to validate the server cert. "-T" is for a transfer. I think it should be --cacert pubkey.txt.Sorry! I just Googled and came up with this:
Code:curl -v --user --ftp-ssl --ftp-ssl-reqd --ftp-pasv --disable-epsv --key mykey.pem --cert mycert.crt -T pubkey.txt ftp:///
It looks like there are just a few more ftps-related options necessary and a path to your files in place of "mykey.pem", etc.
I need to use FTPS. Cannot use SFTP (SSH). The personal cert is properly signed. I avoid self signed certs like the plague.when I use a cert I use
curl --cacert /path/to/my/cert/ca.pem https: //url
curl --header 'host: www.mysite.com --cacert /path/to/my/cert/ca.pem https://url or ip/file.gz
Can also try curl -k --header 'host: www.mysite.com' -I https://ipaddr/file
This is what I use to move a file off my server you could modify to sftp as needed
Edit: ok thinking about this not sure it will work with sftp, I'm going to give it a try later if I have time
Edit some more. I missed this is sftp Also upon thinking is this a self signed cert? If so it's not really valid as it breaks the trust chain, you will have to use the -k option but that kind of defeats the purpose of the cert to begin with.
Could you give some output of the command as you run it? Might be easier to fix if we can see what it is complaining about.
Do you have the outputs from the commands you have tried?I need to use FTPS. Cannot use SFTP (SSH). The personal cert is properly signed. I avoid self signed certs like the plague.
The first issue is it prompts for a host password. The who point here is to use client auth and eliminate the password.Do you have the outputs from the commands you have tried?