I'm trying to connect to SecureTransport 4.5.1 via
FTPS using curl compiled with gnutls.
You need to use --ftp-alternative-to-user "SITE AUTH" per http://curl.haxx.se/mail/lib-2006-07/0068.html
Do you see anything wrong with my client certificates?
I try with
# mycert.crt
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
# mykey.pem
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
And it says "530 No client certificate presented":
myuser@myserver ~ $ curl -v --ftp-ssl --cert mycert.crt --key mykey.pem --ftp-alternative-to-user "SITE AUTH" -T helloworld.txt ftp://ftp.example.com:9876/upload/
* About to connect() to ftp.example.com port 9876 (#0)
* Trying 1.2.3.4... connected
* Connected to ftp.example.com (1.2.3.4) port 9876 (#0)
< 220 msn1 FTP server (SecureTransport 4.5.1) ready.
> AUTH SSL
< 334 SSLv23/TLSv1
* found 142 certificates in /etc/ssl/certs/ca-certificates.crt
> USER anonymous
< 331 Password required for anonymous.
> PASS
[email protected]
< 530 Login incorrect.
> SITE AUTH
< 530 No client certificate presented.
* Access denied: 530
* Closing connection #0
curl: (67) Access denied: 530
I also tried with a pk8 version...
# openssl pkcs8 -in mykey.pem -topk8 -nocrypt > mykey.pk8
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
...but got exactly the same result.
What's the trick to sending a client certificate to SecureTransport?