Be able to POST to HTTPS from the router

[GoogleCodeExporter]

I want to setup my router so that whenever the WAN link goes up and down it 
would automatic POST to my IPv6 tunnelbroker to update my IPv4 endpoint IP, as 
described here https://forums.he.net/index.php?topic=1994.0 . However I am 
unable to do that with "wget" since it does not support HTTPS, is there any 
other way that I could POST to a HTTPS address using some other way? 

Original issue reported on code.google.com by matt...@kekesoft.org on 8 Aug 2014 at 9:44

[GoogleCodeExporter]

Try the following example:

# openssl s_client -crlf -quiet -connect code.google.com:443 << EOF
GET /hosting/ HTTP/1.0
Host: code.google.com

EOF

It will show you the response of https://code.google.com/hosting/

I'm not sure but post requests should be done the same way, but probably some 
more data should be provided. Smth. like the following:

USERNAME='JohnDoe'
PASSWD='x!$@mdkm/seCure'
TUNNEL_ID='1565253'

DATA="username=${USERNAME}&password=${PASSWD}&hostname=${TUNNEL_ID}"
LEN=$(echo -n $DATA | wc -c)

openssl s_client -crlf -quiet -connect ipv4.tunnelbroker.net:443 <<EOF
POST /nic/update HTTP/1.0
Host: ipv4.tunnelbroker.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) 
Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)
Keep-Alive: 300
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: $LEN

$DATA

EOF

BTW, www.powerdns.net provides links to update your dns records (in beta 
testing).
For example, 
# openssl s_client -crlf -quiet -connect www.powerdns.net:443 << EOF
GET /dyn/910ae3c4da90ebcd82a26f4103eab28c/2419842.aspx HTTP/1.0
Host: www.powerdns.net

EOF

depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN 
= COMODO Certification Authority
verify error:num=20:unable to get local issuer certificate
verify return:0
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-Powered-By: UrlRewriter.NET 2.0.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 08 Aug 2014 17:11:41 GMT
Connection: close
Content-Length: 2

OKread:errno=0

The record was updated.

Original comment by d...@soulblader.com on 8 Aug 2014 at 5:17

[GoogleCodeExporter]

OpenSSL returned errorcode 19, a self signed certificate error. Is there a 
default certification store on the router that I can use?

/home/root # openssl s_client -crlf -connect ipv4.tunnelbroker.net:443 
-showcerts
CONNECTED(00000003)
depth=3 C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 
Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
 0 s:/OU=Domain Control Validated/CN=tunnelbroker.net
   i:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certs.starfieldtech.com/repository//CN=Starfield Secure Certificate Authority - G2
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIHK46r9V+gsTANBgkqhkiG9w0BAQsFADCBxjELMAkGA1UE
BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAj
BgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMzAxBgNVBAsTKmh0
dHA6Ly9jZXJ0cy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5LzE0MDIGA1UE
AxMrU3RhcmZpZWxkIFNlY3VyZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAe
Fw0xNDA0MTExNzIzMTJaFw0xNjExMDQyMTEwNDJaMD4xITAfBgNVBAsTGERvbWFp
biBDb250cm9sIFZhbGlkYXRlZDEZMBcGA1UEAxMQdHVubmVsYnJva2VyLm5ldDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALhNfH3ODfmxSRk5noAHykQL
cyiF8zigBj5dH3p7uzKwLCwZ9HgafoFBHTxX2QV/hxjbFan3gvh2V5HxqOhCwfuz
lQCOUmGM6BEgvgf4YNnkLh0hRh9RS+xmQzAKbQ8Xor8a9fReonyUc6UyD8JVEisa
+sP7vJUizfEf0DtGBlCWZCrhSJJ6ySvRI6h0IKQkaYZ0qP/avEttW2CDdzBjvc0c
QHQG+uSqE8OGK20HCM004g4x5hun65L4W4s9P4NYqho2aClltrGxIu/EvygVv5NE
caE6dtGzkiXYNdvIEOGC7hkicc08CeW4dRhQB7HsTudyCZfCgfG++NyKIs3iVGkC
AwEAAaOCAgIwggH+MA8GA1UdEwEB/wQFMAMBAQAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDA7BgNVHR8ENDAyMDCgLqAshipo
dHRwOi8vY3JsLnN0YXJmaWVsZHRlY2guY29tL3NmaWcyczEtNi5jcmwwWQYDVR0g
BFIwUDBOBgtghkgBhv1uAQcXATA/MD0GCCsGAQUFBwIBFjFodHRwOi8vY2VydGlm
aWNhdGVzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMIGCBggrBgEFBQcB
AQR2MHQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnN0YXJmaWVsZHRlY2guY29t
LzBGBggrBgEFBQcwAoY6aHR0cDovL2NlcnRpZmljYXRlcy5zdGFyZmllbGR0ZWNo
LmNvbS9yZXBvc2l0b3J5L3NmaWcyLmNydDAfBgNVHSMEGDAWgBQlRYFoUCY4PTst
LL7Natm2PbNmYzBfBgNVHREEWDBWghB0dW5uZWxicm9rZXIubmV0ghR3d3cudHVu
bmVsYnJva2VyLm5ldIIVaXB2Ni50dW5uZWxicm9rZXIubmV0ghVpcHY0LnR1bm5l
bGJyb2tlci5uZXQwHQYDVR0OBBYEFHzMxbbgA67MpiGlhfPjqhuHGVjVMA0GCSqG
SIb3DQEBCwUAA4IBAQBKFCdk5KYfQWZxaHhiwbnt0aHS5P640jV0JWeOrrhucvav
tAyBr9hFBYXFfaRkzNce/DeyMIUwB5rRDysqVc/N9sz05ojJgrCAJyoDsYqjZ1+O
OfJrllscZH2s15ASrGobx8lfEh94mPA7Y/Oj0Z1b5gukjpCJSk9vmO1QgYPeRI36
U/7829SGvRly8S+UuecqX8Xm70SoYFfbU7xdDA24RuxggLRTuO2+TfEwKNCtWisj
G6/DmxVl7YnzSGtIfxI1x/xaQVbuGIHifCI2GQCwIFTJ9/CLnqkCTDgMMtpKzIvK
e9EG+tQLHUNKalC1u4heOisVnYKl8CQT7eOeC+5i
-----END CERTIFICATE-----
 1 s:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certs.starfieldtech.com/repository//CN=Starfield Secure Certificate Authority - G2
   i:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx
EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT
HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs
ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAw
MFoXDTMxMDUwMzA3MDAwMFowgcYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6
b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj
aG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydHMuc3RhcmZpZWxk
dGVjaC5jb20vcmVwb3NpdG9yeS8xNDAyBgNVBAMTK1N0YXJmaWVsZCBTZWN1cmUg
Q2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlkGZL7PlGcakgg77pbL9KyUhpgXVObST2yxcT+LBxWYR6ayuF
pDS1FuXLzOlBcCykLtb6Mn3hqN6UEKwxwcDYav9ZJ6t21vwLdGu4p64/xFT0tDFE
3ZNWjKRMXpuJyySDm+JXfbfYEh/JhW300YDxUJuHrtQLEAX7J7oobRfpDtZNuTlV
Bv8KJAV+L8YdcmzUiymMV33a2etmGtNPp99/UsQwxaXJDgLFU793OGgGJMNmyDd+
MB5FcSM1/5DYKp2N57CSTTx/KgqT3M0WRmX3YISLdkuRJ3MUkuDq7o8W6o0OPnYX
v32JgIBEQ+ct4EMJddo26K3biTr1XRKOIwSDAgMBAAGjggEsMIIBKDAPBgNVHRMB
Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUJUWBaFAmOD07LSy+
zWrZtj2zZmMwHwYDVR0jBBgwFoAUfAwyH6fZMH/EfWijYqihzqsHWycwOgYIKwYB
BQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNo
LmNvbS8wOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zdGFyZmllbGR0ZWNo
LmNvbS9zZnJvb3QtZzIuY3JsMEwGA1UdIARFMEMwQQYEVR0gADA5MDcGCCsGAQUF
BwIBFitodHRwczovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkv
MA0GCSqGSIb3DQEBCwUAA4IBAQBWZcr+8z8KqJOLGMfeQ2kTNCC+Tl94qGuc22pN
QdvBE+zcMQAiXvcAngzgNGU0+bE6TkjIEoGIXFs+CFN69xpk37hQYcxTUUApS8L0
rjpf5MqtJsxOYUPl/VemN3DOQyuwlMOS6eFfqhBJt2nk4NAfZKQrzR9voPiEJBjO
eT2pkb9UGBOJmVQRDVXFJgt5T1ocbvlj2xSApAer+rKluYjdkf5lO6Sjeb6JTeHQ
sPTIFwwKlhR8Cbds4cLYVdQYoKpBaXAko7nv6VrcPuuUSvC33l8Odvr7+2kDRUBQ
7nIMpBKGgc0T0U7EPMpODdIm8QC3tKai4W56gf0wrHofx1l7
-----END CERTIFICATE-----
 2 s:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
   i:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
-----BEGIN CERTIFICATE-----
MIIEoDCCA4igAwIBAgIDORSEMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNVBAYTAlVT
MSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQL
EylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x
NDAxMDEwNzAwMDBaFw0zMTA1MzAwNzAwMDBaMIGPMQswCQYDVQQGEwJVUzEQMA4G
A1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UEChMcU3Rh
cmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UEAxMpU3RhcmZpZWxkIFJv
b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC97cED/PaP/AKxb1ufSNmdeeKitwNhVhjDR7bXyj01LolD
96Fpm96KGv0TIJy0SXcyKVb9ueyM3SL6ctwnYZfu9lqE7G4ZuYks3IRb1XT7a1/F
iaUQUolGVfS4dRzmf+RUrkv4VXJXAhn4F3FZ6x4oB3TFnUi+bLT0pLDzZDd5ksDs
Rl5/4W1TTGKvzR8LY7s6nfv8eQCYYXTPJoJAY/OycmoZDZnK1A51zDf7i4nBWfFi
f1+zX2Uw+Ke3TXZaHnZeNMDollaZirPwf6TNvdwyMXyRz+BfEfhrqklc0ZmU0aLj
Y1sJdrVWYuFLdB2W1CbUCARZ0JgODube/MPsH5DxAgMBAAGjggEpMIIBJTAPBgNV
HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUfAwyH6fZMH/E
fWijYqihzqsHWycwHwYDVR0jBBgwFoAUv1+30c7dH4b0W1Ws3NcQwg6piOcwOgYI
KwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0
ZWNoLmNvbS8wOAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL2NybC5zdGFyZmllbGR0
ZWNoLmNvbS9zZnJvb3QuY3JsMEwGA1UdIARFMEMwQQYEVR0gADA5MDcGCCsGAQUF
BwIBFitodHRwczovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkv
MA0GCSqGSIb3DQEBCwUAA4IBAQCFY8HZ3bn/qb2mGdy/EzoROCJUsawFEPt8s5Y/
MYtm/4jz4b/7xx8A/0Zqi2EyyQFRdvuaxvogUchGxJjXeaPjBHI/i000U2fsMyx7
6JQBKHw6NFsCdxaNQCUzsLxsl9cFev+Mhc5voFMAF24ebL0i1wqIN/Z965lB7yfL
jGBrTAF+ZVALT7iVmppuNP1zOjPxkdXzTi106O/TkDXxBmhk1NAT/VLTxm3BOoox
3QUmNUqMZbhSa4Hs0py1NBCXnD7GL+2OQkIkLulzmiX5EfHyI2nL5ZRpoNLcsPxE
iawXqMzVN3cWxYC5DI9XAlWZhXtJ8C5boMJXU12i6KY3wwH6
-----END CERTIFICATE-----
 3 s:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
   i:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
-----BEGIN CERTIFICATE-----
MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw
NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE
ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp
ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3
DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf
8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN
+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0
X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa
K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA
1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G
A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR
zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0
YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD
bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w
DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3
L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
-----END CERTIFICATE-----
---
Server certificate
subject=/OU=Domain Control Validated/CN=tunnelbroker.net
issuer=/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, 
Inc./OU=http://certs.starfieldtech.com/repository//CN=Starfield Secure 
Certificate Authority - G2
---
No client certificate CA names sent
---
SSL handshake has read 5823 bytes and written 337 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384
    Session-ID: 3A2BF10A4214A4D49A3075C806DE4D15D4861167B3B392B8149041D4373BB63E
    Session-ID-ctx:
    Master-Key: 4660AEB0B5094640C548AB700BB7D29C99554B10ABBB324C164C002C196CB60AF91B1EB72CB8460B5D3D87881996F17E
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - a0 6f 0f 8d ed 30 3a 9d-c0 52 f6 7c eb 47 16 67   .o...0:..R.|.G.g
    0010 - 13 d3 a3 31 31 cc ad 87-b5 b0 ca 75 a1 c1 61 b9   ...11......u..a.
    0020 - cb f0 d8 f8 84 6c 4a 6d-44 e5 6c a8 89 0b 63 db   .....lJmD.l...c.
    0030 - aa 48 e4 8b 9e 40 2c a8-6f 91 4d 3b c3 c7 d6 f1   .H...@,.o.M;....
    0040 - e3 07 5d 8f 6c 30 cc 72-13 48 16 a0 99 49 e0 da   ..].l0.r.H...I..
    0050 - 6b 38 bf fd 19 21 21 35-44 e7 72 54 b6 95 af 50   k8...!!5D.rT...P
    0060 - fd 27 0b 2d 09 0f e9 6b-47 91 b6 64 c7 3a dc 2a   .'.-...kG..d.:.*
    0070 - 31 b8 cf 5e 9b de 6f a0-c0 02 d8 13 ec 8c 89 d6   1..^..o.........
    0080 - 5a 02 e4 92 72 2f 5f 60-a5 92 3e f4 78 50 03 2b   Z...r/_`..>.xP.+
    0090 - 3c ce 7a b3 34 e2 40 b0-d9 9e 97 87 de f5 46 de   <.z.4.@.......F.
    00a0 - 2e e8 c5 6d 57 aa 98 61-12 2a 93 8e 63 35 64 5c   ...mW..a.*..c5d\
    00b0 - 57 f6 ae e6 30 11 cf e2-1d f3 68 80 02 f2 bb ba   W...0.....h.....

    Start Time: 1407580844
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---

Original comment by matt...@kekesoft.org on 9 Aug 2014 at 10:41

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

It is not an error here. As far as s_client is utility for ssl connection 
debug, it notifies you that it can't find user certificates. In this case you 
don't need them.

Server ipv4.tunnelbroker.net expects GET request (why have you decided a POST 
is needed?...)

So the following works on that server.
NOTE: You should use not your web password, but Update Key. Find it on 
'Advanced' tab

USERNAME='JohnDoe'
PASSWD='x!$@mdkm/seCure'
TUNNEL_ID=156253

openssl s_client -crlf -connect ipv4.tunnelbroker.net:443 -quiet <<EOF
GET /nic/update?username=${USERNAME}&password=${PASSWD}&hostname=${TUNNEL_ID} 
HTTP/1.0
Host: ipv4.tunnelbroker.net

EOF

Original comment by d...@soulblader.com on 9 Aug 2014 at 1:10

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Awesome, that script works perfectly. No one updating the endpoint manually. 
Thank you very much sir. :D

Original comment by matt...@kekesoft.org on 10 Aug 2014 at 6:20

[GoogleCodeExporter]

You are welcome! ;)

Original comment by d...@soulblader.com on 10 Aug 2014 at 7:52

• Changed state: Verified