Home > database >  curl Failed to import cert file client.crt on command prompt and Powershell works fine on gitbash
curl Failed to import cert file client.crt on command prompt and Powershell works fine on gitbash

Time:03-04

I am using Windows...

When I run the following curl command through gitbash it works fine:

curl --cacert ca.crt --key client.key --cert client.crt "https://myurl"

However, if I try to run the same command in command prompt or Powershell, I get this error:

curl: (58) schannel: Failed to import cert file client.crt, last error is 0x80092002

What do I need to do to get the command working in Command Prompt or Powershell?

CodePudding user response:

You are providing your client certificate in the wrong format. curl requires the certificate in the PEM format (source):

-E/--cert <certificate[:password]>
     (SSL) Tells curl to use the specified certificate file when getting a file with 
     HTTPS or FTPS. The certificate must be in PEM format. If the optional password 
     isn't specified, it will be queried for on the terminal. Note that this option 
     assumes a "certificate" file that is the private key and the private 
     certificate concatenated! See --cert and --key to specify them independently.

     If curl is built against the NSS SSL library then this option can tell curl the 
     nickname of the certificate to use within the NSS database defined by the 
     environment variable SSL_DIR (or by default /etc/pki/nssdb). If the NSS PEM 
     PKCS#11 module (libnsspem.so) is available then PEM files may be loaded. If you 
     want to use a file from the current directory, please precede it with "./" 
     prefix, in order to avoid confusion with a nickname.

     If this option is used several times, the last one will be used.

Your certificate might be in the DER format or contain a whole certificate chain instead of your single client certificate.

CodePudding user response:

Windows version of curl.exe is not configured to work with openssl but git's is.

So to make sure whenever I typed 'curl' into a command prompt, it was using git's version of curl I added the path to git's curl (C:\Program Files\Git\mingw64\bin) in system environment variables and moved it right to the top…so it find’s git’s curl before it finds window’s curl.

After then restarted the command prompt it resolved the issue.

  • Related