curl-基本身份验证失败

curl-基本身份验证失败,curl,Curl,我无法使curl通过基本身份验证来访问站点。在我的设置中,我使用cntlm来避免代理身份验证问题,因为我被困在公司代理的后面。这样的配置对于其他没有auth的请求来说效果很好 虽然我不能让curl工作,但当我尝试通过相同的cntlm设置访问firefox的相同资源时,它工作得非常完美。我检查了firefox和curl中的头文件,包括Base64编码的user/pass,它们似乎是匹配的 这是旋度输出: D:\Tools\curl>curl -uUSER:PASSWORD -i -v --c

我无法使curl通过基本身份验证来访问站点。在我的设置中,我使用cntlm来避免代理身份验证问题,因为我被困在公司代理的后面。这样的配置对于其他没有auth的请求来说效果很好

虽然我不能让curl工作,但当我尝试通过相同的cntlm设置访问firefox的相同资源时,它工作得非常完美。我检查了firefox和curl中的头文件,包括Base64编码的user/pass,它们似乎是匹配的

这是旋度输出:

D:\Tools\curl>curl -uUSER:PASSWORD -i -v --cacert c:/tools/cert/rb-bundle
.cer --proxy http://10.37.0.20:3128 https://api.orgregister.1c.ru/orgregister/v2
?wsdl
*   Trying 10.37.0.20...
* Connected to 10.37.0.20 (10.37.0.20) port 3128 (#0)
* Establish HTTP proxy tunnel to api.orgregister.1c.ru:443
* Server auth using Basic with user 'USER'
> CONNECT api.orgregister.1c.ru:443 HTTP/1.1
> Host: api.orgregister.1c.ru:443
> User-Agent: curl/7.48.0
>
< HTTP/1.1 200 Connection established
HTTP/1.1 200 Connection established
< Connection: close
Connection: close
<

* Proxy replied OK to CONNECT request
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: c:/tools/cert/rb-bundle.cer
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=RU; ST=Moscow; L=Moscow; O=1C LLC; OU=1C LLC; CN=api.orgregister.1
c.ru
*  start date: Aug  7 00:00:00 2015 GMT
*  expire date: Aug 21 23:59:59 2016 GMT
*  subjectAltName: host "api.orgregister.1c.ru" matched cert's "api.orgregister.
1c.ru"
*  issuer: C=RU; ST=Moscow; L=Moscow; O=Organization; OU=OrgUnit; CN=CommonName; emailAddress=email@test.ru
*  SSL certificate verify ok.
* Server auth using Basic with user 'USER'
> GET /orgregister/v2?wsdl HTTP/1.1
> Host: api.orgregister.1c.ru
> Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXX
> User-Agent: curl/7.48.0
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
HTTP/1.1 401 Unauthorized
< Server: nginx
Server: nginx
< Date: Thu, 24 Mar 2016 15:56:49 GMT
Date: Thu, 24 Mar 2016 15:56:49 GMT
< Content-Type: text/xml;charset=UTF-8
Content-Type: text/xml;charset=UTF-8
< Content-Length: 315
Content-Length: 315
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; mode=block
< Pragma: no-cache
Pragma: no-cache
< Expires: 0
Expires: 0
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< X-Frame-Options: DENY
X-Frame-Options: DENY
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic realm="LLC 1C"
WWW-Authenticate: Basic realm="LLC 1C"
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate, proxy-revalidat
e
Cache-Control: no-cache, no-store, max-age=0, must-revalidate, proxy-revalidate
< Proxy-Connection: Keep-Alive
Proxy-Connection: Keep-Alive
< Connection: Keep-Alive
Connection: Keep-Alive
< Set-Cookie: BCSI-CS-f05c1f474bdd2451=1; Path=/
Set-Cookie: BCSI-CS-f05c1f474bdd2451=1; Path=/
< Proxy-support: Session-based-authentication
Proxy-support: Session-based-authentication
< Age: 0
Age: 0

<
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Body>
        <soap:Fault>
            <faultcode>soap:Server</faultcode>
            <faultstring>SERVER-9: Full authentication is required to access thi
s resource</faultstring>
        </soap:Fault>
    </soap:Body>
</soap:Envelope>* Connection #0 to host 10.37.0.20 left intact

D:\Tools\curl>
D:\Tools\curl>curl-uUSER:PASSWORD-i-v--cacert c:/Tools/cert/rb bundle
.cer--代理http://10.37.0.20:3128 https://api.orgregister.1c.ru/orgregister/v2
?wsdl
*正在尝试10.37.0.20。。。
*连接到10.37.0.20(10.37.0.20)端口3128(#0)
*建立到api.orgregister.1c.ru:443的HTTP代理隧道
*对用户“user”使用Basic进行服务器身份验证
>CONNECT api.orgregister.1c.ru:443http/1.1
>主机:api.orgregister.1c.ru:443
>用户代理:curl/7.48.0
>
GET/orgregister/v2?wsdl HTTP/1.1
>主机:api.orgregister.1c.ru
>授权:基本XXXXXXXXXXXXXXXXXXXXXXXXXXXX
>用户代理:curl/7.48.0
>接受:*/*
>

谢谢你的帮助