Post Reply 
 
Thread Rating:
  • 57 Votes - 2.67 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Protecting SSL private key in a Curl script
02-10-2017, 12:21 AM
Post: #1
Protecting SSL private key in a Curl script
Hello Folks,

I am not a too deeply practiced coder and I ran into a problem using CURL on one of my devices:
The situation: I have a smart device - planned to sell to the public - which has to connect to servers/cloud/etc.
These servers are using SSL and certificates not justs to secure the communication channel between the client and the server, but also to authenticate the client on the server. No valid device cert, no download, no data exchange, no connection, nothing.
So I have to install a certificate to it and pass it to the CURL script.
1. I have to give the cert. It is OK.
2. If the CA is not a valid one, I have to give my CA's cert. It is OK also.
3. I have to give the private key of the device certificate - and that's where I have the problem! If I do not use a password for the key anybody who has the device and hack it somehow can stole this identity and ruin the network of those devices which are using this certificate.
The situation is the same if protect the key with password and I put it to the curl script in plain text.
If I do not provide password to the private key, the identity will not be validated so the connection will not be established.

What is the solution or the best practice for a case like this?
Find all posts by this user
Quote this message in a reply
02-10-2017, 02:02 PM
Post: #2
RE: Protecting SSL private key in a Curl script
I'm not sure whether you are asking a question of Curl Programming Language ( https://en.wikipedia.org/wiki/Curl_(prog..._language) ), or a question of cURL, a client side transfer library. If you meant the latter, probably this is not the right place for you ... see https://curl.haxx.se/ for more about cURL .
Find all posts by this user
Quote this message in a reply
Post Reply 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Curl execute Oracle database procedure NamDH 3 927 04-21-2017 03:40 PM
Last Post: tdeng
  TLS通信下でCould not deserialize the object from Curl.発生 MIT 3 1,979 03-10-2017 08:35 AM
Last Post: MIT
  curl library 7.36.0: curl_easy_perform() function call failed when used for getting a joezhao 1 1,376 10-19-2016 09:41 AM
Last Post: dyoshida
  Curl IDE からのランチャが見つかりません umemura 1 1,806 06-30-2016 10:12 AM
Last Post: umemura
  Curl RTE Install smtit 1 1,484 05-06-2016 12:36 PM
Last Post: dice256
  Curl RTE Command line smtit 1 1,755 04-19-2016 09:35 AM
Last Post: dice256
  What OS that CURL can support for deloyment? tiennv 1 3,314 08-22-2015 02:12 AM
Last Post: tdeng
  Curl RTEのPPAPIプラグインについて でり 1 3,199 06-09-2015 11:03 AM
Last Post: でり
  cURL Client app Michael-2015 1 2,720 04-16-2015 12:27 PM
Last Post: dyoshida
  Could not deserialize the object from Curl. umemura 4 4,977 04-11-2015 04:45 AM
Last Post: Sumerjobs
Forum Jump:


User(s) browsing this thread:
1 Guest(s)