Using client certificates to access restricted website 2

Iam following up on a quite rudely closed Topic:
using-client-certificates-to-access-restricted-website

You are closing Topics after just 2 days of inactivity after last post? Really? You like, reply to my request before weekend and don’t even have the courtesy to wait till Monday? Wooow, did not see that one coming from a service like yours.

Nevertheless, I tried using WSL like Damian replied in my previous Topic. It got me slightly further, but ultimately I ended up coming short and was again blocked even though I successfully used the certificate (as far as I can tell).

Here is the reply if anyone even cares to continue this support ticket:

curl -v --cert client.pem --key client.key  https://my.domain.com/
*   Trying 188.114.96.10:443...
* Connected to my.domain.com (188.114.96.10) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=domain.com
*  start date: May 13 06:59:58 2024 GMT
*  expire date: Aug 11 06:59:57 2024 GMT
*  subjectAltName: host "my.domain.com" matched cert's "*.domain.com"
*  issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1P5
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x556f2c785550)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /Default.aspx HTTP/2
> Host: my.domain.com
> user-agent: curl/7.81.0
> accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 403
< date: Mon, 03 Jun 2024 08:58:58 GMT
< content-type: text/html; charset=UTF-8
< content-length: 4517
< x-frame-options: SAMEORIGIN
< referrer-policy: same-origin
< cache-control: max-age=15
< expires: Mon, 03 Jun 2024 08:59:13 GMT
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4kwKLwPFwwLY93M0siIlQi1RY7z3s4xoAhydknN09Srsyg6XIRypPWoA9gHPVmT3Ti6HZASokLAc5hy8iIwkSi4fmCVOSG0SVirOpX3Jrr0j8N4UbLAPAhaE38k4oLVENn5ej2XTpSszLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 88de7c042a422798-PRG
< alt-svc: h3=":443"; ma=86400
<
* TLSv1.2 (IN), TLS header, Supplemental data (23):

A post was merged into an existing topic: Using client certificates to access restricted website