How does one access an X509 Certificate in Keychain Scripting on 10.5.x and and 10.4.11? (Its going to be used in a lib curl call to an https URL and its a self signed certificate)
I’ve tried various methods using examples of code for accessing “Internet keys” but all attempts have failed.
I am posting a reply to myself, again, for the future benefit of others. Here’s what I have discovered and got working to access an HTTPS site using libcurl:
- Curl requires ssl certificates to be in a PEM format.
- You must convert the SSL .cer format files to .pem format files using the “openssl” command in a terminal session:
openssl x509 -inform DES -in “path to input folder and certificate file.cer” -out “path to outputfolder and name.pem” -text
Then the following libcurl call to an https site will work:
curl --cacert posix path pemfilefolder and name.pem -o Desktop/outputfile.xml -u username:password https://abc.com/somefolder/some.aspx
Hope this helps others for the future.