OpenSSL error:02001002:system library:fopen:No such file or directory no key found, wrong pass phrase, or wrong file format, git bash vs cmd
I have an application which exposes the urls using mutual Authentication. Now I am writing a python script which uses Popen to run the curl command to connect to the application and gets me the required data. But when I run the python script I get following error.
curl: (58) could not load PEM client certificate, OpenSSL error error:02001002:system library:fopen:No such file or directory, (no key found, wrong pass phrase, or wrong file format?)
I am running the application on windows 7 machine. I have curl and openssl installed. The command that is run is given below
curl -v https://localhost:9400/<URL> -H "Connection:close" --cacert 'C:/local_cert/root.crt' --cert 'C:/local_cert/client.crt' --key 'C:/local_cert/client.key' --pass client_key_passwd
Now for testing I ran the same command in Git Bash for windows. I got the result successfully. But when I run the same command in Git Cmd for windows or Windows Cmd I get the same above error.
I have checked the paths to cert are correct, they are in PEM format, I have openssl and curl installed.For some reasons I cannot use Requests or urllib3 python pacakges and only can use curl. The above make me believe that there is some setting that Windows Cmd and Git Cmd for windows is missing some settings but I am not sure what it may be.
Answer
After trying lot of things I finally figured out the answer. The error said no file found, wrong passphrase or wrong format. Since the command worked in git bash I was sure that its not a issue with file or passphrase. Concentrating on no file found I found below link
Windows PATH to posix path conversion in bash
which gave me an idea that may be the way I am specifying the path is incorrect depending on which version of curl we are using. So after trying various combination I found that if you use plain curl in git bash following both cmd will work
curl -v https://localhost:9400/<URL> -H "Connection:close" --cacert 'C:/local_cert/root.crt' --cert 'C:/local_cert/client.crt' --key 'C:/local_cert/client.key' --pass client_key_passwd
and
curl -v https://localhost:9400/<URL> -H "Connection:close" --cacert C:/local_cert/root.crt --cert C:/local_cert/client.crt --key C:/local_cert/client.key --pass client_key_passwd
But in windows Cmd or when calling curl from python only following cmd will work
curl -v https://localhost:9400/<URL> -H "Connection:close" --cacert C:/local_cert/root.crt --cert C:/local_cert/client.crt --key C:/local_cert/client.key --pass client_key_passwd
So In nutshell it was a issue with quotes because the way your curl utility is called and which version of curl is used (compiled for windows or not) the interpretation of quotes will be different.