I've developed a small Dropbox based app. I've done all the coding in PHP using symfony 1.4 and the dropbox-php library. Locally on my machine everything works just fine. But on a public test server the the dropbox-php library fails to retrieve the request tokens.
The app key and app secret are the same on both machines and I'm using the PHP OAuth extension as the OAuth library. The Dropbox App is in development mode and I've also enabled additional users for it from the Dropbox App Dashboard.
Not sure if this helps but here's the piece of code:
$oauth = new Dropbox_OAuth_PHP(sfConfig::get('app_dropbox_app_key'), sfConfig::get('app_dropbox_app_secret'));
$tokens = $oauth->getRequestToken();
...and this the exception thrown:
500 | Internal Server Error | Dropbox_Exception_RequestToken
We were unable to fetch request tokens. This likely means that your consumer key and/or secret are incorrect.
From the error message it looks like the the app key and app secret combination is wrong. But the combination is right since it works on my machine and I've been using it for days to develop this small app. The 43 port is open on the server and the php_oauth.dll is loading correctly.
Any ideas about what I'm doing wrong here?
I've switched to Dropbox_OAuth_Curl but it didn't work either. The error:
Curl error: (77) error setting certificate verify locations:
CAfile: rootca
CApath: none
So I've set:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
And it works.
Can this be somehow related to Dropbox_OAuth_PHP not working?
Related
We're using the Docusign RestAPI (PHP SDK) from our app and it works great. Authentication mode is JWT. I want to use all the code I've written on a different subdomain, but I get this error:
API call to https://account.docusign.com/oauth/token failed: SSL certificate problem: unable to get local issuer certificate
Both domains, my-domain.com and new.my-domain.com have SSL certs installed. What do I do now? What have I missed?
The DocuSign public certificates page lists all certificates.
Scroll down and look for this:
Install the certificate on your server where you are running the code from.
Do you have the standard set of trusted root certs installed in PHP?
This article may help you.
SOLVED: the new subdomain was operating on a different version of PHP. I added the cert paths to that php.ini file and it works as it should now.
I am creating an extension for Active Collab leveraging their SDK. Before installing SSL certificate their were no problems and my code ran fine. After the SSL installation and updating my root_URL and updating the url in the connector portion of my code I now get
Fatal error: Uncaught exception 'ActiveCollab\SDK\Exceptions\CallFailed' with message 'Peer's Certificate issuer is not recognized.'
However my SSL is installed properly. I have no other problems with it.
the relevant portion of code:
error_reporting(E_ALL);
ini_set('display_errors', 1);
require_once '/path/to/public_html/activecollab/5.8.7/activecollab-feather-sdk/vendor/autoload.php';
$authenticator = new \ActiveCollab\SDK\Authenticator\SelfHosted('****', '********','username','password', 'https://url.domain.com'); <=dummy entry
$token = $authenticator->issueToken();
The back trace shows the issue coming up in issueToken(). Does anyone know what may be causing this?
Active Collab SDK 3.1 lets you turn off SSL peer verification, like this:
$authenticator = new \ActiveCollab\SDK\Authenticator\SelfHosted('ACME Inc', 'My Awesome Application', 'you#acmeinc.com', 'hard to guess, easy to remember', 'https://my.company.com/projects', false);
$authenticator->setSslVerifyPeer(false);
Run composer update and tweak your code to turn off SSL verification, and you should be able to connect.
I am trying to get twitter to post to my wall via php and the only way I can see to do it is by first having a auth tocken and to get that I need to ask twitter for it :) Facebook do it better ;p
So I am using ricardoper/twitteroauth to do this and when trying to get the tockens I get this back from hitting the curl file seen here: https://github.com/ricardoper/TwitterOAuth/blob/v2/src/Common/Curl.php
I am unsure if its because I'm running php locally or if its something to do with twitter.
<br />
<b>Fatal error</b>: Uncaught cURL Lib: [60] SSL certificate problem: unable to get local issuer certificate (TwitterOAuth\Exception\CurlException)
thrown in <b>C:\var\www\fbshare\TwitterOAuth\src\Common\Curl.php</b> on line <b>110</b><br />
How can i overcome this error, or be able to post to twitter, but I believe this script does that.
Turns out that the repo I was using's pem wasn't supporting ssl on the local host.
I download a local ssl certificate from here
Replaced line 64 with CURLOPT_CAINFO => '/var/www/cacert.pem', which was the downloaded pem from the link given above and now I can access ssl locally :)
I’ve a simple PHP component that fetches videos from a public playlist on YouTube. I’m using Google’s official PHP SDK and authenticated with a server key (as I only need to access public data, not data in a user context).
Throughout development and into staging, this component has worked fine. However, I’ve moved the application to the client’s production server (a GoDaddy hosting account) and the component’s suddenly stopped working, instead throwing the following error:
Google_Service_Exception in REST.php line 83:
Error calling GET https://www.googleapis.com/youtube/v3/playlistItems?part=snippet&maxResults=50&playlistId=PLAYLIST_ID&userIp=SERVER_IP&key=DEVELOPER_KEY: (403) There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed.
I don’t understand. The server’s IP address is white-listed in the Google API Console. I know it’s the correct IP address, as I’ve sent a HTTP POST request from the server to another PHP script and captured the REMOTE_ADDR server variable.
I’ve also tried specifying the IP address in the request itself. The full code:
$client = new Google_Client;
$client->setApplicationName($appName);
$client->setDeveloperKey($developerKey);
$service = new Google_Service_YouTube($client);
$service->playlistItems->listPlaylistItems('snippet', array(
'maxResults' => 50,
'playlistId' => $collectionId,
'userIp' => $serverIp,
));
So what’s going? Why is Google deciding it’s not playing ball with the production server?
Short form: I've got some PHP code that is uploading videos from my site to YouTube. I'm using the usual Google-provided PHP library, google-api-php-client. I have this code running on two servers; it works on one (https://www.example.com) but has suddenly stopped working on the other (https://dev.example.com), after a period of working nicely.
Details: The code doing the transfer is relatively standard, as far as I can tell: Once the libraries are loaded and some variables get some values, I'm doing:
$client = new Google_Client();
$client->setClientId($youtube_client_id);
$client->setClientSecret($youtube_client_secret);
$redirect = filter_var('https://example.com/upload-to-youtube', FILTER_SANITIZE_URL);
$client->setRedirectUri($redirect);
$youtube = new Google_YoutubeService($client);
$client->authenticate();
header('Location: ' . $redirect);
For the server that's not working, the $client->authenticate line throws the error:
Google_IOException: HTTP Error: (0) Problem with the SSL CA cert (path? access rights?) in Google_CurlIO->makeRequest() (line 128 of /var/www/html/example/includes/google-api-php-client/src/io/Google_CurlIO.php).
Other possibly-relevant details:
Back in the Developer's Console for my YT application, I have the following Redirect URIs set up:
https://dev.example.com/delete-from-youtube
https://dev.example.com/upload-to-youtube
https://www.example.com/delete-from-youtube
https://www.example.com/upload-to-youtube
According to the SSL certificate tester I found at https://www.sslshopper.com/ssl-checker.html, the certificates on both sites are visible and valid.
The certificate for dev.example.com is from Comodo; the certificate for www.example.com is from GeoTrust. I suppose I could try getting a new cert from GeoTrust, but I'd rather not spend the money unless I know it will fix the problem.
Both servers are running the same version of curl, if that's relevant.
It seems (to me) that the certificate and access to it should be OK (unless the certificate tester is wrong), so I don't understand where the complaint is coming from. The code and the server configuration has been unchanged for quite a while, hence my search for an external explanation. (I understand that these are Famous Last Words, but whatever.) Any thoughts out there? Thanks!
Potential duplicate question:
Amazon MarketplaceWebServiceOrders requests suddenly failing, PHP curl giving SSL CA cert error?
I had to restart the server, not just apache in order to solve the issue.