I am trying to connect to a server using curl; this server requires a .p12 certificate file and a passphrase. This has not been a problem in the few weeks I have been running my program. However, after my update to High Sierra, I now get LibreSSL errors. My colleagues running Windows 7 and 10 don't have this issue, either:
In Terminal:
$ curl -k https://server_metadata_link --cert certificate.p12 --pass “password”
curl: (58) could not load PEM client certificate, LibreSSL error error:0906D06C:PEM routines:PEM_read_bio:no start line, (no key found, wrong pass phrase, or wrong file format?)
In R:
> set_config(config(ssl_verifyhost = 0L, ssl_verifypeer = 0L))
> set_config(config(sslcert = certificate.p12, keypasswd = password))
> GET("https://server_metadata_link")
Error in curl::curl_fetch_memory(url, handle = handle) : could not load PEM client certificate, LibreSSL error error:0906D06C:PEM routines:PEM_read_bio:no start line, (no key found, wrong pass phrase, or wrong file format?)
I would prefer not to backtrack to Sierra, as I have a colleague with a new Mac who is stuck in High Sierra. I don't think there is an error with the certificates, as like I said, this worked fine before the upgrade to High Sierra. After researching this issue, I think it may have something to do with Mac's move from OpenSSL to LibreSSL in High Sierra. I don't know what effect that might have on the back end, but it could explain why only my colleague and I have the error, while another colleague with Sierra does not.
Another issue may be that my version of curl is 7.54.0 (as is my colleague's with High Sierra), while the latest is 7.58.0. I don't know if this could also be causing a problem, but as a separate issue I'm not sure how to force my Mac to use the most recent version of curl; since it's included in the Mac, Homebrew won't let me install the latest version.
The only other note I have is that if I change the R config from "sslcert = certificate.p12" to "sslkey = certificate.p12" or the Terminal command from "--cert certificate.p12" to "--key certificate.p12" I get a normal 403 error saying I couldn't connect to the server.
Any help would be appreciated, and please let me know if there is any other information I should provide. Thanks in advance.