PHP / Drupal 7 cURL Error - SSL read: error

$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Return data instead of echoing it on screen
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); // Skip SSL Verification
$rsData = curl_exec($ch);
I am trying to get data from another site (site2). Both websites are hosted on the same server but on different domains.
I have verified that OpenSSL is turned on.
Error Message: SSL read: error:00000000:lib(0):func(0):reason(0), errno 104

My firewall has blocked the connection between the hosts on the same server. After updating the NAT rule, it works fine.

Related

PHP cURL SSL Issue with GoDaddy: SSL certificate problem: unable to get local issuer certificate

I'm having an issue with a new SSL certificate from GoDaddy, here's my code:
<?php
$url = "https://myurl.com";
$ch = curl_init($url);
$certificate_location = "ca-bundle.crt"; // modify this line accordingly (may need to be absolute)
curl_setopt($ch, CURLOPT_CAINFO, $certificate_location);
curl_setopt($ch, CURLOPT_CAPATH, $certificate_location);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($ch, CURLOPT_FORBID_REUSE, TRUE);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
$result = curl_exec($ch);
$errtext = curl_error($ch);
$errnum = curl_errno($ch);
var_dump($result);
var_dump($errtext);
var_dump($errnum);
This results in error 60, which is: SSL certificate problem: unable to get local issuer certificate
I've tried grabbing the latest CA certificates extracted from Mozilla and pointing cURL to use them, but nothing works. Any ideas?
Replace the line below in the curl call
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
To
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
CURLOPT_SSL_VERIFYPEER: This option tells cURL to verify the authenticity of the SSL cert on the server.
If you want to verify the peer, then:
1) Enable mod_ssl in Apache and php_openssl.dll in php.ini
2) Add these lines for your cert to the php.ini file, with the path:
curl.cainfo="yourpath/cacert.pem"
openssl.cafile="yourpath/cacert.pem"
3) Restart the server.

PHP cURL Error (60): SSL certificate issues: unable to get local issuer certificate

I am doing an API call which is seemingly throwing some errors. So basically my script is doing a SOAP API POST call using cURL, and it throws the error (60): SSL certificate problem: unable to get local issuer certificate
I have tried
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
but it's not working.
I have also tried the following:
$ch = curl_init(); // initialize curl handle
//curl_setopt($ch, CURLOPT_PROXY, $proxy);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, "GeoTrustGlobalCA.crt");
curl_setopt($ch, CURLOPT_URL, $ENDPOINT);
curl_setopt($ch, CURLOPT_FAILONERROR, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,0);
curl_setopt($ch, CURLOPT_TIMEOUT, 50);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
//curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
//curl_setopt($ch, CURLOPT_PORT, 80);
$data = curl_exec($ch);
$curl_errno = curl_errno($ch);
$curl_error = curl_error($ch);
if ($curl_errno > 0) {
    echo "cURL Error ($curl_errno): $curl_error\n";
} else {
    echo "Data received. To complete this transaction, enter your Bonga PIN on your handset. if you don't have one dial *126*5# for instructions\n";
    echo $data;
}
curl_close($ch);
Nothing seems to be working. Any workarounds? Btw the $ENDPOINT is https://safaricom.co.ke
The site has several errors, like a mismatch of the name (should be www.safaricom.co.ke, not safaricom.co.ke), an incomplete certificate chain, and additionally a very insecure setup. No wonder the validation fails. Some browsers work when the correct name is used because they work around missing chain certificates. Other clients (like curl) and most mobile browsers will not work because they expect the site to be properly set up.
For detailed information see the SSL Labs report.
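
The name mismatch described in this answer can be reproduced offline. The following is an added example, not code from the original thread: it applies the host-name rules that `CURLOPT_SSL_VERIFYHOST` set to 2 relies on to a constructed `subjectAltName` value. The helper names and the `example.test` hosts are hypothetical, and only DNS-type entries are handled.

```php
<?php
// Added example: certificate name versus requested host name.
// All certificate data and host names below are constructed.

// Extract DNS names from the subjectAltName string that openssl_x509_parse()
// returns, e.g. "DNS:www.example.test, DNS:*.shop.example.test".
function sanDnsNames(array $parsedCert): array
{
    $san = $parsedCert['extensions']['subjectAltName'] ?? '';
    $names = [];
    foreach (explode(',', $san) as $entry) {
        $entry = trim($entry);
        if (stripos($entry, 'DNS:') === 0) {
            $names[] = strtolower(substr($entry, 4));
        }
    }
    return $names;
}

// A wildcard counts only as the whole left-most label and covers exactly one label.
function nameMatches(string $pattern, string $host): bool
{
    $host = strtolower(rtrim($host, '.'));
    if ($pattern === $host) {
        return true;
    }
    if (strncmp($pattern, '*.', 2) !== 0) {
        return false;
    }
    $dot = strpos($host, '.');
    return $dot !== false && $dot > 0 && substr($host, $dot) === substr($pattern, 1);
}

function hostCoveredBy(array $parsedCert, string $host): bool
{
    foreach (sanDnsNames($parsedCert) as $name) {
        if (nameMatches($name, $host)) {
            return true;
        }
    }
    return false;
}

// Constructed stand-in for the openssl_x509_parse() output of a server certificate.
$cert = ['extensions' => ['subjectAltName' => 'DNS:www.example.test, DNS:*.shop.example.test']];
foreach (['www.example.test', 'example.test', 'eu.shop.example.test', 'a.eu.shop.example.test'] as $h) {
    printf("%-26s %s\n", $h, hostCoveredBy($cert, $h) ? 'match' : 'MISMATCH');
}
```

A certificate issued for the `www` name does not cover the bare domain, which is the situation the answer describes; the fix is to request the name the certificate actually carries or to have the certificate reissued with both names.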

Curl Error:60 SSL certificate: unable to get local issuer certificate with Internal PKI

I'm getting the following error when using curl: Error:60 SSL certificate problem: unable to get local issuer certificate.
<?php
if($fp = tmpfile())
{
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,"https://server.org");
    curl_setopt($ch, CURLOPT_STDERR, $fp);
    curl_setopt($ch, CURLOPT_CERTINFO, 1);
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_NOBODY, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    $result = curl_exec($ch);
    curl_errno($ch)==0 or die("Error:".curl_errno($ch)." ".curl_error($ch));
    fseek($fp, 0);//rewind
    $str='';
    while(strlen($str.=fread($fp,8192))==8192);
    echo $str;
    fclose($fp);
}
?>
I know this is due to curl needing a ca.pem file. However, when I added curl.cainfo = "c:\xampp\htdocs\openssl\cas\cacert.pem" to my php.ini file and restarted the services, it still doesn't work. This would be because the server in question is internal and uses chain file certificates from my PKI servers. Does anyone know of a way to get this working for an internal server, other than changing this: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); to this: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); ?
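
An added example (not from the original posts) for the internal-PKI question above and for the `curl.cainfo` approach in the earlier GoDaddy answer: verification stays on and the request is pointed at a PEM bundle that holds the internal CA. `fetchVerified`, the script name `fetch.php` and the bundle path are hypothetical.

```php
<?php
// Added example: verified HTTPS request that trusts a private CA explicitly
// instead of switching CURLOPT_SSL_VERIFYPEER off.
// Assumption: $caBundle is a PEM file containing the internal root CA
// (plus any intermediates the server does not send itself).

function fetchVerified(string $url, string $caBundle): string
{
    // Fail early on the usual reasons a bundle is silently unusable.
    if (!is_file($caBundle) || !is_readable($caBundle)) {
        throw new RuntimeException("CA bundle not readable: $caBundle");
    }
    if (strpos(file_get_contents($caBundle), '-----BEGIN CERTIFICATE-----') === false) {
        throw new RuntimeException("No PEM certificate in $caBundle (DER file or wrong path?)");
    }

    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_SSL_VERIFYPEER => true,  // validate the chain against $caBundle
        CURLOPT_SSL_VERIFYHOST => 2,     // certificate must name the host in $url
        CURLOPT_CAINFO         => realpath($caBundle), // a file; CURLOPT_CAPATH expects a directory
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 15,
    ]);
    $body  = curl_exec($ch);
    $errno = curl_errno($ch);
    $error = curl_error($ch);

    if ($errno !== 0) {
        // Hints for the error numbers quoted on this page, plus 77.
        $hints = [
            6  => 'DNS lookup failed; TLS was never reached',
            35 => 'TLS handshake failed; compare protocol versions on both ends',
            60 => 'certificate verification failed; typically the bundle lacks the issuing CA or the server omits an intermediate',
            77 => 'libcurl could not load the CA file',
        ];
        $hint = isset($hints[$errno]) ? " ({$hints[$errno]})" : '';
        throw new RuntimeException("cURL $errno: $error$hint");
    }
    return $body;
}

// Usage: php fetch.php https://server.org /path/to/internal-ca-bundle.pem
if (PHP_SAPI === 'cli' && $argc === 3) {
    echo fetchVerified($argv[1], $argv[2]);
}
```

Passing the bundle per request with `CURLOPT_CAINFO` removes any doubt about which php.ini the running SAPI actually loaded.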

Paypal Curl redirecting Issue

This is regarding PayPal through cURL. I am trying to access PayPal using the code below. The code works fine on one server. After moving this code to the live server, I get the error below. Can anybody tell me the solution for this?
$API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";
$version = urlencode('76.0');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
// Turn off the server and peer verification (TrustManager Concept).
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
// Set the API operation, version, and API signature in the request.
$nvpreq = "METHOD=$methodName_&VERSION=$version&PWD=$API_Password&USER=$API_UserName&SIGNATURE=$API_Signature$nvpStr_";
// Set the request as a POST FIELD for curl.
curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
// Get response from the server.
$httpResponse = curl_exec($ch);
Error:
SetExpressCheckout failed: Unknown SSL protocol error in connection to api-3t.sandbox.paypal.com:443 (35)
Can you set curl_setopt($ch, CURLOPT_SSLVERSION, 3);?
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
I inserted this line in my code
Did you try this alternative?

Could not resolve host

This randomly started happening again on my development computer. It works fine on the production server, so whatever. But I still need to test this here.
Could not resolve host: (hostname); Host not found.
I know about the security vulnerabilities with these settings. But right now, I care more about getting this to work. HTTP addresses of course work fine, but those with HTTPS return no content and give an error about not being able to find the hostname. I've searched and didn't find anything useful this time.
function useCurl($xml,$cert,$host){
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$host);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 15);
    curl_setopt($ch, CURLOPT_SSLCERT, $cert);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
    $result = curl_exec($ch);
    if (curl_error($ch)) {
        print "cURL error: ". curl_error($ch) ."\n<br/>";
    }
    curl_close($ch);
    return $result;
}
Have you tried adding curl_setopt($ch, CURLOPT_PORT, 443); so that it connects to the server on the ssl enabled port?
