SSL Certificate with PHP CURL - php

I'm using curl to send an xml file over https to the rightmove API - they supplied me with all the certificates.
I am getting the error :
60SSL certificate problem: unable to get local issuer
certificateResult =
I have tried everything i have found on every other stackoverflow post similar and nothing is working, i have tried downloading the old cacert.pem and changed the files in php.ini - ive installed my personal information file andcreated a certificate on the browser and local machine and nothing is removing the error 60.
This is my PHP :
<?php
$xml = file_get_contents("myxml.xml");
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt ($ch, CURLOPT_CAINFO, dirname(__FILE__).'\mypem.pem');
curl_setopt($ch, CURLOPT_URL, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_REFERER, 'https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_VERBOSE , 1);
$ch_result = curl_exec($ch);
print curl_errno($ch);
print curl_error($ch);
echo "Result = ".$ch_result;
curl_close($ch);
?>
this has had me banging my head for days, i would be very grateful for any assistance.

For my particular case i needed to add the keyfile, sslcert and cert password.
//$xml = file_get_contents("thexmlfile.xml");
$xml= $propertyXml->asXML();
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . '\pemfile.pem');
curl_setopt($ch, CURLOPT_URL, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSH_PRIVATE_KEYFILE, getcwd() . '\myjks.jks');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd() . '\pemfile.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "thesslpassword");
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_REFERER, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_VERBOSE , 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$ch_result = curl_exec($ch);
print curl_errno($ch);
print curl_error($ch);
echo "Result = ".$ch_result;
curl_close($ch);

It is failing as curl is unable to verify the certificate provided by the server.
There are two options to get this to work:
1 Allows curl to make insecure connections, that is curl does not verify the certificate.
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2 Add the root CA (the CA signing the server certificate) in php.ini
curl.cainfo=/path/to/cacert.pem
You should use option 2 as thats the option that ensures that you are connecting to secure ftp server.

I was getting the same "SSL certificate problem: unable to get local issuer certificateResult" error with HTTP GET to a remote https site. I only needed to provide the CA cert to php curl, ie CURLOPT_CAINFO:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CAINFO, "/path/to/CA_Bundle.crt");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$output = curl_exec($ch);
if (curl_errno($ch)) {
$error_msg = curl_error($ch);
print "curl_error: $error_msg <br>";
} else {
print "output: $output<br>";
}
curl_close($ch);

Related

PHP cURL with Proxy ( Not SOCKS5 )

I had working code that used my VPN (NordVPN) credentials through their SOCKS5 protocol.
Recently, they have dropped support for SOCKS5 so I have to use their other protocols, however I am unable to get any to work.
All of their available protocols can be seen here
https://nordvpn.com/servers/tools/
- IKEv2/IPSec
- OpenVPN
- Wireguard
- HTTP Proxy (SSL)
Here is my code, attempting to use their "HTTP Proxy (SSL)" protocol
$cookie_file = tempnam("/tmp", "CURLCOOKIE");;
$ch = curl_init();
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_ENCODING, "");
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120); // in seconds
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_PROXYTYPE, 'HTTP');
curl_setopt($ch, CURLOPT_PROXYPORT, "443");
curl_setopt($ch, CURLOPT_PROXY, "au643.nordvpn.com");
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyUser . ":" . $proxyPass);
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_URL, $Url);
$result = curl_exec($ch);
curl_close($ch);
The error I get is
curl_exec(): supplied resource is not a valid cURL handle resource in ...
I don't really care what protocol it is, just need it to work.
Thanks.
After facing the same issue, I have worked out a solution
$PROXY_HOST = "xxx.xxxxxx.com";
$PROXY_PORT = "89";
$PROXY_USER = "yourproxyusername";
$PROXY_PASS = "yourproxypassword";
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_PROXY_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, "$PROXY_USER:$PROXY_PASS");
curl_setopt($ch, CURLOPT_PROXY, "https://$PROXY_HOST:$PROXY_PORT");
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response= curl_exec($ch);
$error = curl_error($ch);
echo $error;
echo $response;
curl_close($ch);
One thing to note is that for NordVPN you have to use the port 89 for HTTP Proxy (SSL) and the username and password is not your account username and password, but your proxy specific credentials that you can find on your account page.
Also dont quote me on this, but I think you need to use PHP 7.3+ for this to work.
we can use it with protonvpn or vpnbook ?

How to maintain the response header

I'm having trouble understanding how CURL handles headers.
I have a site.com/page1 that I want to access with CURL it does a 308 redirect to site.com/page2/file.zip
What I need is to go through site.com/page1 with CURL but download site.com/page2/file.zip directly from site.com
I'm using this code but it does not work as expected. It accesses site.com/page1 redirects to site.com/page2/file.zip but opens the file in the browser
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, $_cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $_cookie_file);
curl_setopt($ch, CURLOPT_REFERER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_exec($ch);
$error = curl_getinfo($ch);
curl_close($ch);
I guess if I can keep the response headers I'll fix the problem. But how do I do it ?? How do I use the same headers for the CURL visitor that the site I am accessing is sending me.
You want the cURL option RETURNTRANSFER set to true so what is returned comes back to you. Since you are trying to save a ZIP file you'll also need to open a file and use the CURLOPT_FILE option to tell cURL where to save your ZIP file.
curl_setopt ($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt ($ch, CURLOPT_TIMEOUT,'180'); # 3 minute timeout
$FileOut = fopen('MyZIP_File.zip','w') or die('Could not open the output data file');
curl_setopt ($ch, CURLOPT_FILE,$FileOut);
curl_exec ($ch);
fclose($FileOut) or die('We ran into a problem saving data file');
This solved the problem.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, $_cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $_cookie_file);
curl_setopt($ch, CURLOPT_REFERER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_NOBODY, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HEADER, true);
$result = curl_exec($ch);
if (preg_match('~Location: (.*)~i', $result, $match)) {
$location = trim($match[1]);
header('Location:' . $location);
}

Failed to connect to curl URL

I am unable to connect with the Curl URL using PHP.
Below is my code, that I am trying to execute.
$url="http://b2b-dev.cenveo.com:6700/dmz/EZComm?fromTp=DiscountLabelsCustomer&toTp=DiscountLabels&operationID=DiscountLabels/1.0/PurchaseOrderRequest";
$xml_content = '<?xml version="1.0" encoding="utf-8"?><Order xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.discountlabels.com http://www.discountlabels.com/DLI_INTGR.xsd" SubmittedDate="2017-12-06 02:52:43" xmlns="http://www.discountlabels.com"><Customer><Name>Cmagnets</Name><PSCustID>987654</PSCustID></Customer><BlindDropshipAddress AddressID=""><Name></Name><Attention></Attention><PostalAddress><Address1></Address1><Address2></Address2><City></City><State></State><PostalCode></PostalCode><Country></Country></PostalAddress><Email></Email><Telephone><PhoneNumber></PhoneNumber></Telephone>
<Fax></Fax><URL></URL></BlindDropshipAddress><Item ItemNumber="1"><Product><CustomDescription>Test product.</CustomDescription>
<ProductCode>1 x 4</ProductCode><Type>Labels</Type><SubType>Standard</SubType><Shape>Rectangle</Shape><ShapeType></ShapeType>
<ProductClass>L</ProductClass><Width>1.0</Width><Height>4.0</Height><Diameter>0.0000</Diameter></Product><Quantity>1000</Quantity><Ink>Black</Ink><Artwork><ArtPath></ArtPath><UserFilename></UserFilename></Artwork><PONumber>PO12345</PONumber>
<FirstLineOfCopy>Test Copy</FirstLineOfCopy><Shipping><Quantity>1000</Quantity><ShipMethod>Fedex</ShipMethod><ShipToAddress AddressID=""><Name>Name</Name><Attention>Sally Sunshine</Attention><PostalAddress><Address1>901 Some Street</Address1>
<Address2>Suite ABC</Address2><City>New Orleans</City><State>LA</State><PostalCode>39532</PostalCode><Country>US</Country></PostalAddress><Email>sally.sunshine#somecompany.com</Email><Telephone><PhoneNumber>5419876543</PhoneNumber><Extension /></Telephone><Fax><PhoneNumber></PhoneNumber><Extension /></Fax><URL></URL></ShipToAddress><Dropship>false</Dropship>
</Shipping><Stock><StockType></StockType><StockSubType></StockSubType><StockColor></StockColor><TintColor></TintColor>
<InsideWindow>false</InsideWindow></Stock><ConsecutiveDigit><BeginDigit></BeginDigit><EndDigit></EndDigit><DigitType></DigitType><SequenceType></SequenceType></ConsecutiveDigit><ItemSpecs><Attribute>Bleed</Attribute><Value>True</Value>
</ItemSpecs><CustPONumber></CustPONumber><Comments>Item Comments</Comments></Item></Order>';
$ch = curl_init();
url_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION,FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,FALSE);
curl_setopt($ch, CURLOPT_SSLVERSION, 3);
curl_setopt($ch, CURLOPT_ENCODING, 'identity');
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_HTTPHEADER,array("Content-Type: application/xml", "Accept: application/xml"));
curl_setopt($ch, CURLOPT_FAILONERROR, false);
curl_setopt($ch, CURLOPT_TIMEOUT, 10); //times out after 4s
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml_content); // add POST fields
curl_setopt($ch, CURLOPT_POST, 1);
$output = curl_exec($ch);
print_r($output);
if (curl_errno($ch)) {
echo 'Error: ' . curl_error($ch);
}
After Executing the above code I am getting the below Error message.
Error: Failed to connect to b2b-dev.cenveo.com port 6700: Connection refused.
Thanks in advance
Either you're missing some headers, or you have to whitelist your server's ip address with cenveo. There is no error related to curl, just the opposite server denying your connection.

Getting outlook message using cURL php

I want connect to Outlook.com using cURL (php) and get the message from inbox.
<?php
$url = "https://login.live.com/login.srf?wa=wsignin1.0&ct=1369129355&rver=6.1.6206.0&sa=1&ntprob=-1&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2F%3Fowa%3D1%26owasuffix%3Dowa%252f&id=64855&snsc=1&cbcxt=mail";
$post_fields ="email=xxxx#outlook.com&pass=xxxx";
$cookie_path = "\hotmail_login\cook";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_path);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$output = curl_exec ($ch);
echo $output;
?>
Any suggestions?
Thanks in advance
To connect with mail sever you should use POP3 or IMAP, there is no point in using curl for this.
http://php.net/manual/en/function.imap-open.php
here you have examples of how to connect with IMAP using PHP and get messages

How to use CURL via a proxy?

I am looking to set curl to use a proxy server. The url is provided by an html form, which has not been a problem. Without the proxy it works fine. I have found code on this and other sites, but they do not work. Any help in finding the correct solution would be much appreciated. I feel that the bellow are close, but that I am missing something. Thank You.
The bellow code I adapted from here http://www.webmasterworld.com/forum88/10572.htm but it returns an error message about a missing T_VARIABLE on line 12.
<?
$url = '$_POST[1]';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 0);
curl_setopt($ch, CURLOPT_PROXY, '66.96.200.39:80');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST,'GET');
curl_setopt ($ch, CURLOPT_HEADER, 1)
curl_exec ($ch);
$curl_info = curl_getinfo($ch);
curl_close($ch);
echo '<br />';
print_r($curl_info);
?>
The bellow is from curl through proxy returns no content
<?
$proxy = "66.96.200.39:80";
$proxy = explode(':', $proxy);
$url = "$_POST[1]";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_PROXY, $proxy[0]);
curl_setopt($ch, CURLOPT_PROXYPORT, $proxy[1]);
curl_setopt($ch, CURLOPT_HEADER, 1);
$exec = curl_exec($ch);
echo curl_error($ch);
print_r(curl_getinfo($ch));
echo $exec;
?>
is currently live on pelican-cement.com but also does not work.
UPDATE:
Thank you for all your help, I made the above changes. Now it only returns a blank screen.
<?
$url = $_POST['1'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 0);
curl_setopt($ch, CURLOPT_PROXY, '66.96.200.39:80');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST,'GET');
curl_setopt ($ch, CURLOPT_HEADER, 1);
curl_exec ($ch);
$curl_scraped_page = curl_exec($ch);
curl_close($ch);
echo $curl_scraped_page;
?>
Here is a working version with your bugs removed.
$url = 'http://dynupdate.no-ip.com/ip.php';
$proxy = '127.0.0.1:8888';
//$proxyauth = 'user:password';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_PROXY, $proxy);
//curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyauth);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
$curl_scraped_page = curl_exec($ch);
curl_close($ch);
echo $curl_scraped_page;
I have added CURLOPT_PROXYUSERPWD in case any of your proxies require a user name and password.
I set CURLOPT_RETURNTRANSFER to 1, so that the data will be returned to $curl_scraped_page variable.
I removed a second extra curl_exec($ch); which would stop the variable being returned.
I consolidated your proxy IP and port into one setting.
I also removed CURLOPT_HTTPPROXYTUNNEL and CURLOPT_CUSTOMREQUEST as it was the default.
If you don't want the headers returned, comment out CURLOPT_HEADER.
To disable the proxy simply set it to null.
curl_setopt($ch, CURLOPT_PROXY, null);
Any questions feel free to ask, I work with cURL every day.
I have explained use of various CURL options required for CURL PROXY.
$url = 'http://dynupdate.no-ip.com/ip.php';
$proxy = '127.0.0.1:8888';
$proxyauth = 'user:password';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url); // URL for CURL call
curl_setopt($ch, CURLOPT_PROXY, $proxy); // PROXY details with port
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyauth); // Use if proxy have username and password
curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); // If expected to call with specific PROXY type
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // If url has redirects then go to the final redirected URL.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0); // Do not outputting it out directly on screen.
curl_setopt($ch, CURLOPT_HEADER, 1); // If you want Header information of response else make 0
$curl_scraped_page = curl_exec($ch);
curl_close($ch);
echo $curl_scraped_page;
root#APPLICATIOSERVER:/var/www/html# php connectiontest.php
61e23468-949e-4103-8e08-9db09249e8s1 OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 10.172.123.1:80 root#APPLICATIOSERVER:/var/www/html#
Post declaring the proxy settings in the php script file issue has been fixed.
$proxy = '10.172.123.1:80';
curl_setopt($cSession, CURLOPT_PROXY, $proxy); // PROXY details with port
Here is a well tested function which i used for my projects with detailed self explanatory comments
There are many times when the ports other than 80 are blocked by server firewall so the code appears to be working fine on localhost but not on the server
function get_page($url){
global $proxy;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
//curl_setopt($ch, CURLOPT_PROXY, $proxy);
curl_setopt($ch, CURLOPT_HEADER, 0); // return headers 0 no 1 yes
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return page 1:yes
curl_setopt($ch, CURLOPT_TIMEOUT, 200); // http request timeout 20 seconds
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // Follow redirects, need this if the url changes
curl_setopt($ch, CURLOPT_MAXREDIRS, 2); //if http server gives redirection responce
curl_setopt($ch, CURLOPT_USERAGENT,
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.7) Gecko/20070914 Firefox/2.0.0.7");
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies.txt"); // cookies storage / here the changes have been made
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies.txt");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // false for https
curl_setopt($ch, CURLOPT_ENCODING, "gzip"); // the page encoding
$data = curl_exec($ch); // execute the http request
curl_close($ch); // close the connection
return $data;
}

Categories