I'm trying to connect to a company server over https using httr library. I have the client certificate and its private key protected by a password. I'm running the following R command :
connect = httr::GET("https://someaddress:22667", config(ssl_verifypeer = 0L, sslcert = "myCert.crt", sslkey = "mykey10.pem",keypasswd = "qwert", verbose = TRUE, sslversion = 6))
But it's failing, with this error :
failed to receive handshake, SSL/TLS connection failed
When testing with this cURL command :
curl -k --cert myCert.crt --key myKey10.pem https://someaddress:22667
the connection will be established. As I understand, httr is just a wrapper over cURL (more precisely : libcurl is required). When using the same parameters, it is supposed to establish the connection.
Help please!!! I spent a lot of time to resolve this problem, but unsuccessfully.
According to the R curl library changelog there were big modifications recently, particularly for Windows users :
...
3.0 - MAJOR CHANGE ON WINDOWS: On Windows 7 / 2008-R2 and up we switch from OpenSSL to native Windows SSL (secure channel). Therefore curl now uses certificates from the windows certificate manager. This enables users on corporate/government networks to connect through enterprise proxies and such. On Windows Vista/2008 and older (including CRAN) we still use OpenSSL to guarantee TLS 1.1/1.2 support.
...
2.8.1 - Windows: switch back to OpenSSL instead of SecureChannel because Windows 2008 (CRAN) does not support TLS 1.1 and TLS 1.2 which is required for many servers now.
This can explain the different behaviors between the native cURL and its wrapper in R. If you're on Windows, then, check which version of curl library you are running, and re-install it manually by choosing another version (2.8.1 or 3.0 or 3.1 where we see big changes in the log) :
library(curl)
sessionInfo()
other attached packages:
[1] curl_3.1
R CMD REMOVE curl
wget http://cran.univ-paris1.fr/src/contrib/Archive/curl/curl_2.8.1.tar.gz
R CMD INSTALL curl_2.8.1.tar.gz
The curl archives are here
Please give me a feedback on this answer, I spent time on it.