I've searched almost every thread but nothing happened. I'm trying to connect an SSL3 oracle web service with PHP. I've tried soapclient and nusoap but nothing worked. Also, i've added ssl_method to SOAP_SSL_METHOD_SSLv3 but still got the error.
I've switched to curl and added the ssl version to 3, added header with expect, added mozilla.pem file and also tried with the clients certificate with the option CURLOPT_CAINFO. Setting CURLOPT_SSL_VERIFYPEER worked for the hello but I still get the same error.
The code is below. Any help would be appreciated.
$query= 'http://somesecretclienturl.com/?with=some¶meters=here';
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,$query);
curl_setopt($ch,CURLOPT_TIMEOUT,60);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch, CURLOPT_SSLVERSION, 3);
$result = curl_exec($ch);
if(empty($result)){
print_r(curl_error($ch));
}else{
print_r('success'); //Never came to this point
}
curl_close($ch);
Note: I can connect to web service and get a response when i try:
curl -i http://somesecretclienturl.com/?with=some¶meters=here from terminal.
Related
I have a server connected to my company via OpenVPN and I am trying to retrieve JSON from another server using PHP's curl command.
Running the most stripped back version of the code in PHP's interactive mode from the command line (php -a), works fine:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'status.int.companyname.com');
curl_exec($ch);
{...expected json response after 2 seconds}
Howver when I run this from within Apache, the script will just hang.
Setting some timeouts and outputting the error
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
echo 'Error: '.curl_error($ch);
Gives the error as
Error: Resolving timed out after 10517 milliseconds
Initially I thought this was a DNS-related issue, but changing the URL to use the IP address or specifying the address to resolve to
curl_setopt($ch, CURLOPT_RESOLVE, [ 'status.int.companyname.com:80:10.10.0.5']);
yeilded a connection error:
Error: Connection timed out after 10001 milliseconds
My next thought was that Apache was using the wrong interface. The VPN is the default gateway, so works fine with everything else but I tried forcing it with
curl_setopt($ch, CURLOPT_INTERFACE, '10.33.0.105');
This made no difference. After reading around a few other posts, I tried adding the following in various combinations but it made no difference.
curl_setopt($ch, CURLOPT_DNS_USE_GLOBAL_CACHE, false);
curl_setopt($ch, CURLOPT_DNS_CACHE_TIMEOUT, 2);
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
file_get_contents has the same problem
I don't inderstand it. Curl on the command line works and PHP in interactive mode work fine. It just doesn't work when the PHP script is executed via Apache.
Other things I've tried:
starting Apache after the VPN is connected
setting Apache to only bind to IPv4
Resolv.conf contains one nameserver, which is the correct one for the company VPN
The differences between the CLI and Apache versions of php.ini are as expected:
-disable_functions =
+disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
-expose_php = On
+expose_php = Off
-memory_limit = -1
+memory_limit = 128M
Has anyone seen this before? I've lost a few hours of my day on this now and it's driving me mad!
Thanks
This code was working on Cpanel, we moved to a dedicated server that has Plesk (I hate plesk, terrible, but it does work, but Curl not working...)...
This is the code that we have that worked flawlessly on Cpanel server:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$_pgCheck");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
$pgCode = curl_exec($ch);
curl_close($ch);
$_pgCheck url has this:
https://example.org/system/page/?var=longkey&user=username
something like that.
I had it output the domain it runs, and went there myself manually, and that page does output a response.
So the curl is not executing.
I added this line to test it:
if($_SERVER['REMOTE_ADDR'] == "x.xx.xxx.xx") { // My IP address so only I see debuggin...
if(!curl_init($ch)){
die('Error: "' . curl_error($ch) . '" - Code: ' . curl_errno($ch));
}
}
and it does die, but with this:
Error: "" - Code:
so no response in curl_error or curl_errno
How do I test it to figure out why it is not working?
Or do you see the error in the curl_init or curl_setopt I need to change?
UPDATE: I went into Plesk - Domains - domain name - PHP Settings and at the bottom, where I can add additional directives, I added:
extension=php_curl.dll
to make sure php compiled Curl.
but that did not change anything after I saved it.
Pretty sure after I saved it, Plesk restarted apache.
Thanks
-Rich
First thing first. Do a phpinfo() on the new server and try to see if curl is enabled. You can just try to find curl in the output of phpinfo() (ctrl+f). If you cannot see curl than you probably need to install curl on that server's php. For that try googling - how to install curl module in php.
Does anyone know what happen on the error as below when calling curl even call yahoo page:
Error code 6 :Couldn't resolve host 'http://www.yahoo.com'; No data of requested type
PHP
$sendurl = "http://www.yahoo.com";
$ch = curl_init($sendurl);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 60);
$result = curl_exec($ch);
if(!$result){
echo $curl_errno($ch).":".curl_error($ch);
}
This error mean that curl can't resolve host name.
There is problem with DNS server on computer where you run this script.
If you run script on your local computer then check it just open www.yahoo.com in your browser.
If you run script on remote server, then you should login to server by SHH and check ping www.yahoo.com. Or ask your hosting support team about this issue.
I think you're missing options for allowing redirects and https. Check it in your browser -> you will get redirected to https URL.
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
I have this very weird issue with curl, when I do a post request to my ubuntu apache server the apache server hangs, if I debug my php code I can see that
$fp = curl_exec($ch);
Never returns. I think the actual post request is correct because I can successfully do the same POST request with postman.
Below are my curl options :
$ch = curl_init();
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER , 0);
curl_setopt($ch,CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch,CURLOPT_POST,true);
curl_setopt($ch,CURLOPT_HTTPHEADER,$testHeader);
curl_setopt($ch,CURLOPT_POSTFIELDS,$post_data);
$fp = curl_exec($ch);
One weird thing is that if im quick, and reload my apache server
sudo service apache reload
while its in this hanged state the curl_exec immediately returns and I get my data. Im not a real web developer and more of a windows guy so any help would be greatly appreciated. :)
UPDATE
I can see no error reporting from Curl since the process hangs. It never comes to the point where it can give me the error. When I reload the apache server the request returns and then there are no errors reported. I added the CURLOPT_VERBOSE option.
UPDATE 2:
OK I can also run the post from curl commandline both from the host and the client. Worth mentioning is that my host is a virtual machine. Beginning to think its more of a network thing.
OK I finally solved this stupid error with the help of this thread
PHP curl exec fail on php script same domain
The solution was to add:
session_write_close();
before the curl_exec
and then
session_start();
After. I hope I can help someone by writing it here.
I'm trying to write a PHP script using cURL that can authorize a user through a page that uses an SSL certificate, in addition to username and password, and I can't seem to get past the SSL cert stage.
In this case, curl_setopt($handle, CURLOPT_VERIFYPEER, 0) unfortunately isn't an option. The certificate is a required part of authentication, otherwise I get the error mentioned in this other similar SO post.
I've tried a few command-line runs with cURL:
> curl --url https://website
This returns the (60) SLL certificate problem error. If I adjust the command to include the --cacert option:
> curl --url https://website --cacert /path/to/servercert.cer
It works just fine; the auth website is returned.
However, I've tried the following PHP code:
$handle = curl_init();
$options = array(
CURLOPT_RETURNTRANSFER => false,
CURLOPT_HEADER => true,
CURLOPT_FOLLOWLOCATION => false,
CURLOPT_SSL_VERIFYHOST => '0',
CURLOPT_SSL_VERIFYPEER => '1',
CURLOPT_CAINFO => '/path/to/servercert.cer',
CURLOPT_USERAGENT => 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)',
CURLOPT_VERBOSE => true,
CURLOPT_URL => 'https://website'
);
curl_setopt_array($handle, $options);
curl_exec($handle);
if (curl_errno($handle)) {
echo 'Error: ' . curl_error($handle);
}
curl_close($handle);
I would have thought the code was essentially analogous to the shell commands, but instead I'm greeted with the following error message:
Error: error setting certificate verify locations: CAfile: /path/to/servercert.cer CApath: none
I've read all the literature I can find (particularly on php.net and curl.haxx) and can't seem to find anything that fixes this problem. Any suggestions?
I have tried chmod 777 servercert.cer with no success. However, in executing the PHP script with the above code from the command line instead of the browser via php test.php, it works perfectly. Any explanation for why it doesn't work in the browser?
Because things work via the command line but not via php using curl then I would pursue curl being the problem.
According to this URL, http://curl.haxx.se/docs/sslcerts.html, which was reference in an SO post you cited above ( reading SSL page with CURL (php) )...
"Until 7.18.0, curl bundled a severely outdated ca bundle file that was
installed by default. These days, the curl archives include no ca certs at
all. You need to get them elsewhere. See below for example.
If the remote server uses a self-signed certificate, if you don't install a CA
cert bundle, if the server uses a certificate signed by a CA that isn't
included in the bundle you use or if the remote host is an impostor
impersonating your favorite site, and you want to transfer files from this
server, do one of the following:"
It then goes on to list a number of steps that you can try.
Since your 7.16.3 version of curl is prior to 7.18.0, if you haven't already, I would recommend updating your curl and openssl components and then working through the list referenced above.
To elaborate and sum this up:
if you have a PHP file using PHP curl and place the ca certificate for your systems in the same directory, the below code will give you a jumpstart
$url = "https://myserver.mydomain.local/get_somedata.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
//These next lines are for the magic "good cert confirmation"
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_VERBOSE, true);
//for local domains:
//you need to get the pem cert file for the root ca or intermediate CA that you signed all the domain certificates with so that PHP curl can use it...sorry batteries not included
//place the pem or crt ca certificate file in the same directory as the php file for this code to work
curl_setopt($ch, CURLOPT_CAINFO, __DIR__.'/cafile.pem');
curl_setopt($ch, CURLOPT_CAPATH, __DIR__.'/cafile.pem');
//DEBUG: remove slashes on the next line to prove "SSL verify" is the cause
//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//Error handling and return result
$data = curl_exec($ch);
if ($data === false) {
$result = curl_error($ch);
} else {
$result = $data;
}
// Close handle
curl_close($ch);
return $result;
After 6 years of the question, I meet the same problem on a shared-host, and apparently there is no satisfactory answer. I found for myself a solution, hope it useful for everybody.
You can try this config:
curl_setopt($config,CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($config,CURLOPT_SSL_VERIFYPEER,1);
curl_setopt($config,CURLOPT_CAINFO,'ca-bundle.crt');
curl_setopt($config,CURLOPT_CAPATH,'ca-bundle.crt');
I met same error with #Magsol: Error: error setting certificate verify locations: CAfile: /path/to/servercert.cer CApath: none; so I added the 4th line to set CAPath.
It's work with me. But note, the CA file must be place in accessable dir (with chmod 755 or 777) and it will better if CA file is in the same dir with PHP file.
Now that this question is vey old, but maybe could be useful for some users looking for an answer currently.
I have a similar problem about an API with SSL, having problems with CURL (not with the browsers) my problem was that I just put the certificate but not the ceritifcates chain/bundle. Then I put that and things started working. So that's important in order to avoid problems.
Hope this can be useful for someone.
You can try this if it works for you:
curl_setopt($ch, CURLOPT_URL, "https://test.example.com/v1/authenticate.json?api_key=123456");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_FAILONERROR, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch,CURLOPT_CAINFO,'cert.embedapp.20191004.pem');
curl_setopt($ch,CURLOPT_CAPATH,'./cert.embedapp.20191004.pem');
Comment these lines and add this:
//curl_setopt($ch,CURLOPT_CAINFO,'cert.embedapp.20191004.pem');
//curl_setopt($ch,CURLOPT_CAPATH,'./cert.embedapp.20191004.pem');
curl_setopt($ch, CURLOPT_SSLCERT,'cert.embedapp.20191004.pem');