未來的InitializeSecurityContext失敗 - 使用pycurl

Question

我掙扎使用pycurl下面

curl "https://my.website.address.com" --key path\to\client_key.pem --cert path\to\client.crt --pass P4$$w0rD

到Python腳本這樣的翻譯命令SSL連接：

import pycurl 
     URL = "https://my.website.address.com" 
     KEY_PATH = "path\to\client_key.pem" 
     CERT_PATH = "path\to\client.crt" 
     CA_PATH = "path\to\curl-ca-bundle.crt" 
     USERNAME = "my_username" 
     PASSWORD = "P4$$w0rD" 

     c = pycurl.Curl() 
     c.setopt(pycurl.URL, URL) 
     c.setopt(pycurl.SSLKEY, KEY_PATH) 
     c.setopt(pycurl.PASSWORD, PASSWORD) 
     c.setopt(pycurl.SSLCERT, CERT_PATH) 
     c.setopt(pycurl.USERNAME, USERNAME) 
     c.setopt(pycurl.SSL_VERIFYHOST, 2) 
     c.setopt(pycurl.SSL_VERIFYPEER, True) 
     c.setopt(pycurl.CAINFO, CA_PATH) 
     c.setopt(pycurl.VERBOSE, True) 
     c.perform() 
     c.close() 

因此，讓我們同意，IP www.my.webiste.address.com的地址爲667.667.667.667;）

我在運行腳本時總是得到這個錯誤：

* Hostname was NOT found in DNS cache 
* Trying 667.667.667.667... 
* Connected to my.webiste.address.com (667.667.667.667) port 443 (#0) 
* schannel: SSL/TLS connection with my.webiste.address.com port 443 (step 1/3) 
* schannel: checking server certificate revocation 
* schannel: sending initial handshake data: sending 204 bytes... 
* schannel: sent initial handshake data: sent 204 bytes 
* schannel: SSL/TLS connection with my.webiste.address.com port 443 (step 2/3) 
* schannel: failed to receive handshake, need more data 
* schannel: SSL/TLS connection with my.webiste.address.com port 443 (step 2/3) 
* schannel: encrypted data buffer: offset 1260 length 4096 
* schannel: encrypted data length: 1162 
* schannel: encrypted data buffer: offset 1162 length 4096 
* schannel: received incomplete message, need more data 
* schannel: SSL/TLS connection with my.webiste.address.com port 443 (step 2/3) 
* schannel: encrypted data buffer: offset 3157 length 4096 
* schannel: next InitializeSecurityContext failed: SEC_I_INCOMPLETE_CREDENTIALS (0x00090320) - The credentials supplied were not complete, and could not be verified. Additional information can be returned from the context. 
* Closing connection 0 
* schannel: shutting down SSL/TLS connection with my.webiste.address.com port 443 

Traceback (most recent call last): 
    File "C:/path/to/project/main.py", line 59, in <module> 
    main() 
    File "C:/path/to/project/main.py, line 51, in main 
    c.perform() 

pycurl.error: (35, 'schannel: next InitializeSecurityContext failed: SEC_I_INCOMPLETE_CREDENTIALS (0x00090320) - The credentials supplied were not complete, and could not be verified. Additional information can be returned from the context.') 

* schannel: clear security context handle 
* schannel: clear credential handle 

你知道它應該如何正確看起來嗎？

Answer 1

問題，我發現在我自己的代碼 -

相反client_key.c_str的（）我是路過的client_key一個的std :: string;由於curl_easy_setopt是一個宏，所以編譯得很好。不過，我應該已經傳遞了const char *。

=========================

if (RestClientClass::client_key.size()) { 
    curl_easy_setopt(curl, CURLOPT_SSLKEY, RestClientClass::client_key.c_str()); 
    curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM"); 
} 

if (RestClientClass::client_certificate.size()) { 
    curl_easy_setopt(curl, CURLOPT_SSLCERT, RestClientClass::client_certificate.c_str()); 
    curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); 
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); 
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0); 
}