I had a problem. When you send a POST request with the CURL library to HTTPS get the error: SSL certificate problem, verify that the CA cert is OK. Details: error: 14090086: SSL routines: SSL3_GET_SERVER_CERTIFICATE: certificate verify failed. using current certificate.
I tried various certificates FROM http://www.startssl.com/certs/ and FROM http://curl.haxx.se/docs/caextract.html
Tell me what could be the cause of the error?
Here's the code POST request:
curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
curl_setopt($process, CURLOPT_COOKIEFILE, $this->cookie_file);
curl_setopt($process, CURLOPT_COOKIEJAR, $this->cookie_file);
curl_setopt($process, CURLOPT_ENCODING , '');
curl_setopt($process, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($process, CURLOPT_TIMEOUT, 120);
curl_setopt($process, CURLOPT_PROXY,$this->proxy);
curl_setopt($process, CURLOPT_POSTFIELDS, $data);
curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($process, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process,CURLOPT_VERBOSE,1);
if($ssl){
curl_setopt ($process, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt ($process, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($process ,CURLOPT_CAINFO, YiiBase::getPathOfAlias('webroot').'/files/GTECyberTrustGlobalRoot.crt');
}
curl_setopt ($process, CURLOPT_HTTPHEADER, array('Expect:'));
$return = curl_exec($process);
$this->error_code = curl_getinfo($process, CURLINFO_HTTP_CODE);
Here is a working example. You should take a look a your options (reduce the number of option for test) and just set the CURLOPT_SSL_VERIFYPEER to false in order to disable the CA check.
// connect via SSL, but don't check cert
$handle=curl_init('https://www.google.com');
curl_setopt($handle, CURLOPT_VERBOSE, true);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false);
$content = curl_exec($handle);
echo $content; // show target page
check HERE
Related
I had working code that used my VPN (NordVPN) credentials through their SOCKS5 protocol.
Recently, they have dropped support for SOCKS5 so I have to use their other protocols, however I am unable to get any to work.
All of their available protocols can be seen here
https://nordvpn.com/servers/tools/
- IKEv2/IPSec
- OpenVPN
- Wireguard
- HTTP Proxy (SSL)
Here is my code, attempting to use their "HTTP Proxy (SSL)" protocol
$cookie_file = tempnam("/tmp", "CURLCOOKIE");;
$ch = curl_init();
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_ENCODING, "");
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120); // in seconds
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_PROXYTYPE, 'HTTP');
curl_setopt($ch, CURLOPT_PROXYPORT, "443");
curl_setopt($ch, CURLOPT_PROXY, "au643.nordvpn.com");
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyUser . ":" . $proxyPass);
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_URL, $Url);
$result = curl_exec($ch);
curl_close($ch);
The error I get is
curl_exec(): supplied resource is not a valid cURL handle resource in ...
I don't really care what protocol it is, just need it to work.
Thanks.
After facing the same issue, I have worked out a solution
$PROXY_HOST = "xxx.xxxxxx.com";
$PROXY_PORT = "89";
$PROXY_USER = "yourproxyusername";
$PROXY_PASS = "yourproxypassword";
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_PROXY_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, "$PROXY_USER:$PROXY_PASS");
curl_setopt($ch, CURLOPT_PROXY, "https://$PROXY_HOST:$PROXY_PORT");
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response= curl_exec($ch);
$error = curl_error($ch);
echo $error;
echo $response;
curl_close($ch);
One thing to note is that for NordVPN you have to use the port 89 for HTTP Proxy (SSL) and the username and password is not your account username and password, but your proxy specific credentials that you can find on your account page.
Also dont quote me on this, but I think you need to use PHP 7.3+ for this to work.
we can use it with protonvpn or vpnbook ?
$process = curl_init();
$temporary_cookie_file = 'temporaryfiles/'.strtolower($user_general_information['Username']).'_cookies.txt';
$temporary_cookie_file_handler = fopen($temporary_cookie_file, 'w');
fclose($temporary_cookie_file_handler);
$user_data = array('TCNK'=>'authenticationEntryComponent', 'submitEvent'=>'1', 'guestLoginEvent'=>'', 'enterClicked'=>'true', 'bscf'=>'', 'bscv'=>'', 'targetEntid'=>'', 'ajaxSupported'=>'yes', 'screenName'=>$user_general_information['Username'], 'kclq'=>$user_general_information['Password']);
curl_setopt($process, CURLOPT_URL, 'https://www.edline.net/post/InterstitialLogin.page');
curl_setopt($process, CURLOPT_USERAGENT, 'Chrome/12.0.742.122');
curl_setopt($session, CURLOPT_POST, true);
curl_setopt($session, CURLOPT_POSTFIELDS, http_build_query($user_data));
curl_setopt($process, CURLOPT_TIMEOUT, 0);
curl_setopt($process, CURLOPT_RETURNTRANSFER, true);
curl_setopt($process, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($process, CURLOPT_COOKIEJAR, realpath($temporary_cookie_file));
curl_setopt($process, CURLOPT_COOKIEFILE, realpath($temporary_cookie_file));
curl_setopt($process, CURLOPT_HEADER, false);
$results_1 = curl_exec($process);
var_dump($results_1);
die();
I am trying to use POST form data to log into a site and then store the created cookies in a temporary file. I've looked at other discussions that talk about doing this and did as them but it doesn't work. When I try, it simply refreshes the page with no changes. I've been working on this for hours...Any ideas of what I am doing wrong?
I'm using curl to send an xml file over https to the rightmove API - they supplied me with all the certificates.
I am getting the error :
60SSL certificate problem: unable to get local issuer
certificateResult =
I have tried everything i have found on every other stackoverflow post similar and nothing is working, i have tried downloading the old cacert.pem and changed the files in php.ini - ive installed my personal information file andcreated a certificate on the browser and local machine and nothing is removing the error 60.
This is my PHP :
<?php
$xml = file_get_contents("myxml.xml");
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt ($ch, CURLOPT_CAINFO, dirname(__FILE__).'\mypem.pem');
curl_setopt($ch, CURLOPT_URL, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_REFERER, 'https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_VERBOSE , 1);
$ch_result = curl_exec($ch);
print curl_errno($ch);
print curl_error($ch);
echo "Result = ".$ch_result;
curl_close($ch);
?>
this has had me banging my head for days, i would be very grateful for any assistance.
For my particular case i needed to add the keyfile, sslcert and cert password.
//$xml = file_get_contents("thexmlfile.xml");
$xml= $propertyXml->asXML();
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . '\pemfile.pem');
curl_setopt($ch, CURLOPT_URL, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSH_PRIVATE_KEYFILE, getcwd() . '\myjks.jks');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd() . '\pemfile.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "thesslpassword");
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_REFERER, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_VERBOSE , 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$ch_result = curl_exec($ch);
print curl_errno($ch);
print curl_error($ch);
echo "Result = ".$ch_result;
curl_close($ch);
It is failing as curl is unable to verify the certificate provided by the server.
There are two options to get this to work:
1 Allows curl to make insecure connections, that is curl does not verify the certificate.
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2 Add the root CA (the CA signing the server certificate) in php.ini
curl.cainfo=/path/to/cacert.pem
You should use option 2 as thats the option that ensures that you are connecting to secure ftp server.
I was getting the same "SSL certificate problem: unable to get local issuer certificateResult" error with HTTP GET to a remote https site. I only needed to provide the CA cert to php curl, ie CURLOPT_CAINFO:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CAINFO, "/path/to/CA_Bundle.crt");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$output = curl_exec($ch);
if (curl_errno($ch)) {
$error_msg = curl_error($ch);
print "curl_error: $error_msg <br>";
} else {
print "output: $output<br>";
}
curl_close($ch);
I am trying to build a cURL request to download a pdf. I am getting the "Error:Maximum (100) redirects followed" error and believe it is due to a cookie issue. Here's the relevant code from my cURL request:
$cookie_file = "/home/mrpeanut/php/cookie.txt"
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSLVERSION, 4);
curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, implode(':', $arrayCiphers));
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 100);
curl_setopt($ch, CURLOPT_TIMEOUT, 20);
curl_setopt($ch, CURLOPT_COOKIEJAR, realpath($cookie_file));
curl_setopt($ch, CURLOPT_COOKIEFILE, realpath($cookie_file));
And have also tried CURLOPT_COOKIEJAR, '-' (from here), all without luck. The pdf downloads just fine using a browser. However, it downloads even if I disable all cookies using the Web Developer toolbar (so maybe that's not my true issue?).
You need to send CURLOPT_COOKIE with the value of your PHPSESSID. That is how the server is going to identify the cookie.
You should add this
curl_setopt($ch, CURLOPT_COOKIE, 'PHPSESSID=' . $_COOKIE['PHPSESSID'] . '; path=/');
I've got this piece of code to launch queries with curl:
function curl_query($full_url, $username, $password, $payload) {
$additionalHeaders = "";
$process = curl_init($full_url);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded', $additionalHeaders));
curl_setopt($process, CURLOPT_HEADER, 0);
curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $payload);
curl_setopt($process, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($process, CURLOPT_MAXREDIRS, 4);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($process, CURLOPT_SSL_VERIFYPEER, FALSE);
$return = curl_exec($process);
if ($return === false) {
error_log("CURL error ".curl_error($process));
}
return $return;
}
The option CURLOPT_SSL_VERIFYPEER is set to false so I can read pages with self-signed certificates. However when I execute this code against an https URL I get an error:
CURL error SSL: certificate subject name 'localhost' does not match target host name '192.168.1.1',
I run this code on a CentOS 5 server with php53 package installed.
Thanks in advance
Add the option CURLOPT_SSL_VERIFYHOST
curl_setopt($process, CURLOPT_SSL_VERIFYHOST, FALSE);
I realized, that the english version of the PHP documentation missing this important information:
(translated from the german version of the PHP manual)
CURLOPT_SSL_VERIFYHOST has to be set to true or false if CURLOPT_SSL_VERIFYPEER has been deactivated.
curl_setopt($process, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($process,CURLOPT_SSL_VERIFYHOST, FALSE);
ADD THIS TO LINES WILL HELP