| Components | All | New | MacOS | Windows | Linux | iOS | ||||
| Examples | Mac & Win | Server | Client | Guides | Statistic | FMM | Blog | Deprecated | Old | |
CURL.SetOptionSSLCert
Sets the file path for the certificate.
| Component | Version | macOS | Windows | Linux | Server | iOS SDK |
| CURL | 2.5 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes |
Parameters
| Parameter | Description | Example | Flags |
|---|---|---|---|
| curl | The CURL session handle. | $curl | |
| Value | The file path to the certificate. | "/tmp/test.pem" | |
| Encoding | The text encoding for text parameter. Default is UTF-8. Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ. |
"utf8" | Optional |
Result
Returns "OK" on success.
Description
Sets the file path for the certificate.Pass a text string as parameter. The string should be the file name of your certificate. The default format is "PEM" and can be changed with CURL.SetOptionSSLCertType.
With NSS this can also be the nickname of the certificate you wish to authenticate with. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname.
Starting with version 8.0 the plugin will always use UTF-8 encoding for file path on Linux and macOS. For macOS we also do the unicode character normalization for file names for you.
For the GSX example, apple-cert+key.pem in our case is a text file containing the key and certificate:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,B8DCBDA00BFB07EB3CE3901334FC7028
lKa9vkyhSkx1N8PS+0gUsDLa5Ki36z9wuw9IdVQAeNuGYwPvpPwGzYiUWXE7p8H1
...
WHhQqB/FACH0XbOWWUtHInNlNVHFcKKtJdg/JIlkMQfvSD3XnSNLgLvOpr10L85Z
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIIVbEoCG6/FTIwDQYJKoZIhvcNAQELBQAwezE1MDMGA1UE
....
AYf7yNIM0btoU2ymPrzwn02AKxnk6QRMqVkirDHSWew/mQfxlOg2HN2HJ1MQR9wC
3bxbgvJL1EFq9AAK5g==
-----END CERTIFICATE-----
You can normally just copy the files together with a text editor.
See CURL.SetOptionSSLCertBlob to pass certificate as container or text.
See also SSLCERT option in CURL manual.
Examples
Set a client SSL certificate:
Set Variable [$r; Value:MBS("CURL.SetOptionSSLCert"; $curl; "/some/certfile.pem")]
Set Variable [$r; Value:MBS("CURL.SetOptionSSLCertType"; $curl; "PEM")]
Set Variable [$r; Value:MBS("CURL.SetOptionKeyPassword"; $curl; "secret")]
Send request to Apple's gsx webservice:
Set Variable [$XMLRequest; Value:""]
#Start new session
Set Variable [$curl; Value:MBS("CURL.New")]
# URL for web service
Set Variable [$result; Value:MBS("CURL.SetOptionURL"; $curl; "https://gsxapiut.apple.com:443/gsx-ws/services/emea/asp")]
# Mark content as XML
Set Variable [$result; Value:MBS("CURL.SetOptionHTTPHeader"; $curl; "Content-Type: text/xml; charset=UTF-8")]
# Pass XML content for request
Set Variable [$result; Value:MBS("CURL.SetOptionPostFields"; $curl; $XMLRequest)]
# Certificate and private key in one file
Set Variable [$result; Value:MBS("CURL.SetOptionSSLCert"; $curl; "/Users/cs/Keys/apple-cert+key.pem")]
# Root certificates
Set Variable [$result; Value:MBS("CURL.SetOptionCAInfo"; $curl; "/Users/cs/Keys/cacert.pem")]
# SSL Key is in PEM Format
Set Variable [$result; Value:MBS("CURL.SetOptionSSLCertType"; $curl; "PEM")]
# Password for key file
Set Variable [$result; Value:MBS("CURL.SetOptionKeyPassword"; $curl; "xxx")]
# SSL Verification on
Set Variable [$result; Value:MBS("CURL.SetOptionSSLVerifyPeer"; $curl; 1)]
Set Variable [$result; Value:MBS("CURL.SetOptionSSLVerifyHost"; $curl; 1)]
# use TLS v1.2
Set Variable [$result; Value:MBS("CURL.SetOptionSSLVersion"; $curl; 6)]
#RUN now
Set Field [CURL Test::Result; MBS("CURL.Perform"; $curl)]
#Check result
Set Field [CURL Test::Text; MBS("CURL.GetResultAsText"; $curl; "UTF8")]
Set Field [CURL Test::debug; MBS("CURL.GetDebugMessages"; $curl)]
#Cleanup
Set Variable [$result; Value:MBS("CURL.Release"; $curl)]
Talk to Apple's global service exchange webservice:
# Various parameters
Set Variable [ $userid ; Value: "???" ]
Set Variable [ $serviceAccountNo ; Value: "???" ]
Set Variable [ $PrivateKeyPassword ; Value: "???" ]
# Build XML with our values:
Set Variable [ $xml ; Value: Tabelle::Login XML Template ]
Set Variable [ $xml ; Value: Substitute($xml; "$userid$"; MBS("Text.EncodeToXML"; $userid)) ]
Set Variable [ $xml ; Value: Substitute($xml; "$serviceAccountNo$"; MBS("Text.EncodeToXML"; $serviceAccountNo)) ]
# Start CURL
Set Variable [ $curl ; Value: MBS("CURL.New") ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionURL";$curl; "https://gsxapi.apple.com/gsx-ws/services/emea/asp") ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionSSLCertType"; $curl; "PEM") ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionKeyPassword"; $curl; $PrivateKeyPassword) ]
# pem file with private key and certificate from Apple
Set Variable [ $r ; Value: MBS("CURL.SetOptionSSLCert"; $curl; "/Users/test/Desktop/test.pem") ]
# some root certificates
Set Variable [ $r ; Value: MBS("CURL.SetOptionCAInfo"; $curl; "/Users/test/Desktop/cacert.pem") ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionSSLVersion"; $curl; 6) // TLS v1.2 ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionTimeOut"; $curl; 10) ]
Set Variable [ $r ; Value: MBS("CURL.SetOptionHTTPHeader"; $curl; "Content-Type: text/xml; charset=UTF-8") ]
# run the login query
Set Variable [ $r ; Value: MBS("CURL.Perform"; $curl) ]
# check result
Set Variable [ $httpResponse ; Value: MBS( "CURL.GetResponseCode"; $curl ) ]
Set Field [ Tabelle::CURL Result ; $r ]
Set Field [ Tabelle::CURL Input ; $xml ]
Set Field [ Tabelle::CURL Debug ; MBS("CURL.GetDebugMessages"; $curl; "UTF8") ]
Set Field [ Tabelle::CURL Output ; MBS("CURL.GetResultAsText"; $curl; "UTF8") ]
# here we extract session
Set Field [ Tabelle::SessionID ; MBS("Text.FindBetween"; Tabelle::CURL Output; "<userSessionId>"; "</userSessionId>") ]
Wenn [ $r = "OK" UND $httpResponse = 200 ]
# OK
Ende (wenn)
Set Variable [ $r ; Value: MBS("CURL.Release") ]
See also
- CURL.SetOptionSASLIR
- CURL.SetOptionSSLCertType
- CURL.SetOptionSSLCipherList
- CURL.SetOptionSSLEngine
- CURL.SetOptionSSLKey
- CURL.SetOptionSSLKeyBlob
- CURL.SetOptionSSLKeyType
- CURL.SetOptionSSLVersion
- CURL.SetOptionTimeOut
- Text.FindBetween
Release notes
- Version 10.4
- Changed CURL.SetOptionIssuerCertBlob, CURL.SetOptionProxyIssuerCert, CURL.SetOptionProxyIssuerCertBlob, CURL.SetOptionProxySSLCertBlob, CURL.SetOptionProxySSLKeyBlob, CURL.SetOptionSSLCertBlob and CURL.SetOptionSSLKeyBlob to replace line endings for keys to LF if needed.
- Version 10.3
- Version 8.0
- Changed CURL.SetOptionCAINFO, CURL.SetOptionCAPATH, CURL.SetOptionCookieFile, CURL.SetOptionCookieJar, CURL.SetOptionIssuerCert, CURL.SetOptionNETRCFile, CURL.SetOptionRandomFile, CURL.SetOptionSSHPrivateKeyfile, CURL.SetOptionSSHPublicKeyfile, CURL.SetOptionSSLCert, CURL.SetOptionSSLKey to use always UTF-8 on Mac/Linux and on Mac do the unicode transformation for decomposed characters to avoid trouble with special characters in file paths.
Blog Entries
- Translating Insert from URL options for CURL to MBS Plugin calls
- Using Apple's Global Service Exchange web service in FileMaker
- MBS FileMaker Plugin, version 7.6pr3
- Using Apple's Global Service Exchange web service in FileMaker
Created 18th August 2014, last changed 25th June 2020
