A community in which webmasters can ask for help with topics such as PHP coding , MySQL , IT jobs, web design, IT security.
Current location:homephp forumphp talk in 2009 yearError using PHP cURL with SSL certificates - page 1
User InfoPosts
Error using PHP cURL with SSL certificates#1
I(m trying to write a PHP script using cURL that can authorize a user through a page that uses an SSL certificate, in addition to username and password, and I can(t seem to get past the SSL cert stage.

In this case, curl_setopt($handle, CURLOPT_VERIFYPEER, 0) unfortunately isn(t an option. The certificate is a required part of authentication, otherwise I get the error mentioned in this other similar SO post.

I(ve tried a few command-line runs with cURL:

> curl --url https://website

This returns the (60) SLL certificate problem error. If I adjust the command to include the --cacert option:

> curl --url https://website --cacert /path/to/servercert.cer

It works just fine; the auth website is returned.

However, I(ve tried the following PHP code:

$handle = curl_init();
$options = array(
CURLOPT_RETURNTRANSFER => false,
CURLOPT_HEADER => true,
CURLOPT_FOLLOWLOCATION => false,
CURLOPT_SSL_VERIFYHOST => (0(,
CURLOPT_SSL_VERIFYPEER => (1(,
CURLOPT_CAINFO => (/path/to/servercert.cer(,
CURLOPT_USERAGENT => (Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)(,
CURLOPT_VERBOSE => true,
CURLOPT_URL => (https://website(
);

curl_setopt_array($handle, $options);
curl_exec($handle);
if (curl_errno($handle)) {
echo (Error: ( . curl_error($handle);
}
curl_close($handle);


I would have thought the code was essentially analogous to the shell commands, but instead I(m greeted with the following error message:


Error: error setting certificate verify locations: CAfile: /path/to/servercert.cer CApath: none


I(ve read all the literature I can find (particularly on php.net and curl.haxx) and can(t seem to find anything that fixes this problem. Any suggestions?

EDIT: I have tried chmod 777 servercert.cer with no success. However, in executing the PHP script with the above code from the command line instead of the browser via php test.php, it works perfectly. Any explanation for why it doesn(t work in the browser?

EDIT 2: These drive-by downvotes on the only souls brave enough to answer this question are getting old. Either contribute something meaningful or pass on by, please.

posted date: 2009-04-08 10:00:00


Re: Error using PHP cURL with SSL certificates#2
I had made out the solution of this problem. click to view my topic...

hope that hepls.

posted date: 2009-04-08 10:00:01


Re: Error using PHP cURL with SSL certificates#3
Does PHP definitely have permission to read that file? Try running the script from the command line: php my.php

posted date: 2009-04-08 10:08:00


Re: Error using PHP cURL with SSL certificates#4
Strange! I tested it as you said, and it worked perfectly! Why would it work from the command line, but not the browser?

posted date: 2009-04-08 11:56:00


Re: Error using PHP cURL with SSL certificates#5
serverfault.com/121768/…

posted date: 2012-05-02 08:06:00


Re: Error using PHP cURL with SSL certificates#6
Because things work via the command line but not via php using curl then I would pursue curl being the problem.According to this URL, http://curl.haxx.se/docs/sslcerts.html, which was reference in an SO post you cited above ( reading SSL page with CURL (php) )..."Until 7.18.0, curl bundled a severely outdated ca bundle file that wasinstalled by default. These days, the curl archives include no ca certs atall. You need to get them elsewhere. See below for example.If the remote server uses a self-signed certificate, if you don(t install a CAcert bundle, if the server uses a certificate signed by a CA that isn(tincluded in the bundle you use or if the remote host is an impostorimpersonating your favorite site, and you want to transfer files from thisserver, do one of the following:"It then goes on to list a number of steps that you can try.Since your 7.16.3 version of curl is prior to 7.18.0, if you haven(t already, I would recommend updating your curl and openssl components and then working through the list referenced above.

posted date: 2012-05-02 08:30:00


Re: Error using PHP cURL with SSL certificates#7
Probably my answer [here][1] would help [1]: www.momige.com/a/13564776/324846

posted date: 2012-11-26 04:27:00


Re: Error using PHP cURL with SSL certificates#8
// Initialize session$ch = curl_init($url);// Set transfer optionscurl_setopt_array($ch, $this->options);// Execute session and store returned results$this->results = curl_exec($ch);// Store the HTTP status code given (201, 404, etc.)$this->status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);// Check for cURL errorif (curl_errno($ch)) { $this->error = (cURL connection error ((.curl_errno($ch).(): (.htmlspecialchars(curl_error($ch)).( <a href="http://www.google.com/search?q=(.urlencode("curl error ".curl_error($ch)).(">Search</a>(; $this->connected = false;} else { $this->connected = true;}// Close sessioncurl_close($ch);

posted date: 2013-07-11 23:52:00


Re: Error using PHP cURL with SSL certificates#9
Now that this question is vey old, but maybe could be useful for some users looking for an answer currently.I have a similar problem about an API with SSL, having problems with CURL (not with the browsers) my problem was that I just put the certificate but not the ceritifcates chain/bundle. Then I put that and things started working. So that(s important in order to avoid problems.Hope this can be useful for someone.

posted date: 2015-10-01 05:14:00


Re: Error using PHP cURL with SSL certificates#10
After 6 years of the question, I meet the same problem on a shared-host, and apparently there is no satisfactory answer. I found for myself a solution, hope it useful for everybody.You can try this config:curl_setopt($config,CURLOPT_SSL_VERIFYHOST,0);curl_setopt($config,CURLOPT_SSL_VERIFYPEER,1);curl_setopt($config,CURLOPT_CAINFO,(ca-bundle.crt();curl_setopt($config,CURLOPT_CAPATH,(ca-bundle.crt();I met same error with @Magsol: Error: error setting certificate verify locations: CAfile: /path/to/servercert.cer CApath: none; so I added the 4th line to set CAPath.It(s work with me. But note, the CA file must be place in accessable dir (with chmod 755 or 777) and it will better if CA file is in the same dir with PHP file.

posted date: 2015-12-08 01:55:00


select page: « 1 »
Copyright ©2008-2017 www.momige.com, all rights reserved.