cURL with a PKCS#12 certificate in a bash script

I think you have allready resolved but i had a the same problem. I answer for share my solution.

If you have a .p12 file your approach is right.First of all you have to get the cert and the key separated from the p12 file.As an example, if you have a mycert.p12 file execute

openssl pkcs12 -in mycert.p12 -out file.key.pem -nocerts -nodesopenssl pkcs12 -in mycert.p12 -out file.crt.pem -clcerts -nokeys

Then you have to make the call to your url. For instance assume that you want to get the wsdl of a specific webservice

curl -E ./file.crt.pem --key ./file.key.pem https://myservice.com/service?wsdl

If the files file.crt.pem and file.key.pem are in your working folder "./" is mandatory.

Check if you have newer curl. Newer versions can handle PKCS12 outright.

curl --cert-type P12 --cert cert.p12:password https://yoursite.com

bioffes answer is correct.

He was suggesting to do:

curl --cert-type P12 --cert cert.p12:password https://yoursite.com

For some reason that didn't work for me. I was getting:

curl could not open PKCS12 file

I just ended up exporting the p12 file without a password and ended up just using the following format.

curl --cert-type P12 --cert cert.p12 https://yoursite.com

You can easily check to see if your curl can handle p12. Very likely it does. Just do man curl and scroll down til you find the cert-type. Mine was like this:

--cert-type <type>

(TLS) Tells curl what type the provided client certificate is using. PEM, DER, ENG and P12 are recognized types. If not specified, PEM is assumed.

If this option is used several times, the last one will be used.

_{(I don't believe cmmd + F works to text not visible in the terminal. So you have to scroll down.}