curl command works but C program fails NSS: client certificate not found (nickname not specified)

Question

there are a number of similar posts but I am trying to understand a little more than what those offer. My curl commandline works fine and am able to talk to the server and get the data I want. The command looks like

curl -v --tlsv1.2 --cert ./service_cert.pem  --key ./service_private.key  "https://myserver"

But when I try to run my C program and examine the http client object I see this

errorBuffer = "NSS: client certificate not found (nickname not specified)

reading further I realized I have libcurl built with NSS which doesn't support reading cert from a flat file ( .pem)

How is then command line curl utility able to read the pem file ?

score 0 · Answer 1 · answered Feb 26 '19 at 12:48

0

You need to import your client certificate into a NSS database, using certutil, and have your code use this database.

Reference:

https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/tools/NSS_Tools_certutil

answered Feb 26 '19 at 12:48

user803422

2,636
2
18
36

curl command works but C program fails NSS: client certificate not found (nickname not specified)

1 Answers1