curl -i -X POST kong-ip:8001/certificates
-F “cert=@/home/xyz/Downloads/abc.cer”
-F “key=@/home/xyz/Downloads/abcdef.p12”
-F “snis=something.com”
I tried the above cURL but it doesn’t work. The .p12 file has a passphrase, not sure how to give that.
Can anyone please help me re-create this postman certification adding procedure in kong service?
p12 is pkcs12 format which means it contains both key and cert.
You need to export your key out
Hi fomm,
Thanks for responding. I followed the steps in [1] to extract the 2 .pem files. I was not able to choose to skip entering passphrase of private key - gave me an error when I tried -
139825914426560:error:28078065:UI routines:UI_set_result_ex:result too small:…/crypto/ui/ui_lib.c:903:You must type in 4 to 1024 characters.
So even though I have two .pem files now, and I’m using the curl given in my original post. It’s giving me this error:
{“message”:“schema violation (key: invalid key: pkey.new:load_key: asn1/tasn_dec.c:309:error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error)”,“code”:2,“fields”:{“key”:“invalid key: pkey.new:load_key: asn1/tasn_dec.c:309:error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error”},“name”:“schema violation”}
Any idea how to resolve?
There seems to be an issue with your cert/key.
From reading https://support.f5.com/csp/article/K63115154
Are you using a password protected key file?
Yes, it’s a password protected key file
Then you should remove the password on your key and try again.
