Thread Rating:
  • 170 Vote(s) - 2.6 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Protecting SSL private key in a Curl script
02-10-2017, 12:21 AM,
#1
Protecting SSL private key in a Curl script

Hello Folks,

I am not a too deeply practiced coder and I ran into a problem using CURL on one of my devices:
The situation: I have a smart device - planned to sell to the public - which has to connect to servers/cloud/etc.
These servers are using SSL and certificates not justs to secure the communication channel between the client and the server, but also to authenticate the client on the server. No valid device cert, no download, no data exchange, no connection, nothing.
So I have to install a certificate to it and pass it to the CURL script.
1. I have to give the cert. It is OK.
2. If the CA is not a valid one, I have to give my CA's cert. It is OK also.
3. I have to give the private key of the device certificate - and that's where I have the problem! If I do not use a password for the key anybody who has the device and hack it somehow can stole this identity and ruin the network of those devices which are using this certificate.
The situation is the same if protect the key with password and I put it to the curl script in plain text.
If I do not provide password to the private key, the identity will not be validated so the connection will not be established.

What is the solution or the best practice for a case like this?
Reply
02-10-2017, 02:02 PM,
#2
RE: Protecting SSL private key in a Curl script
I'm not sure whether you are asking a question of Curl Programming Language ( https://en.wikipedia.org/wiki/Curl_(prog..._language) ), or a question of cURL, a client side transfer library. If you meant the latter, probably this is not the right place for you ... see https://curl.haxx.se/ for more about cURL .
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Curl execute Oracle database procedure NamDH 3 4,054 04-21-2017, 03:40 PM
Last Post: tdeng
  TLS通信下でCould not deserialize the object from Curl.発生 MIT 3 4,767 03-10-2017, 08:35 AM
Last Post: MIT
  curl library 7.36.0: curl_easy_perform() function call failed when used for getting a joezhao 1 3,632 10-19-2016, 09:41 AM
Last Post: dyoshida
  Curl IDE からのランチャが見つかりません umemura 1 3,771 06-30-2016, 10:12 AM
Last Post: umemura
  Curl RTE Install smtit 1 2,738 05-06-2016, 12:36 PM
Last Post: dice256
  Curl RTE Command line smtit 1 2,917 04-19-2016, 09:35 AM
Last Post: dice256
  What OS that CURL can support for deloyment? tiennv 1 4,574 08-22-2015, 02:12 AM
Last Post: tdeng
  Curl RTEのPPAPIプラグインについて でり 1 4,398 06-09-2015, 11:03 AM
Last Post: でり
  cURL Client app Michael-2015 1 3,852 04-16-2015, 12:27 PM
Last Post: dyoshida
  Could not deserialize the object from Curl. umemura 4 6,641 04-11-2015, 04:45 AM
Last Post: Sumerjobs
Forum Jump:


Users browsing this thread:
1 Guest(s)

MyBB SQL Error

MyBB has experienced an internal SQL error and cannot continue.

SQL Error:
1017 - Can't find file: 'mybb_threadviews' (errno: 2)
Query:
INSERT INTO mybb_threadviews (tid) VALUES('1431')