I am integrating with FirstData wsdl. following the First Data Global Gateway
Web Service API
Integration Guide
. $kslocation is path to .key file. $kslocation is the path to .pem file and all these paths are valid.
$ch = curl_init($wsdl);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$userid:$password");
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSLCERT, $pemlocation);
curl_setopt($ch, CURLOPT_SSLKEY, $kslocation);
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $keyname);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
echo curl_error($ch)."\n";
curl_close($ch);
is giving me error.
SSL read: error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1
alert decrypt error, errno 0
The problem was I was using the test account url. I changed it to the live url and it worked.
Related
I have to call an api that requires the client certificate authentication.
I test this api in postman with client certification and its working perfectly.
Now i want to do it with php curl.
I tried below code but its giving me following error.
HTTP/2 stream 0 was not closed cleanly: HTTP_1_1_REQUIRED (err 13)
$url = 'https://someurl';
$json = 'somejson';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true);
curl_setopt($ch, CURLOPT_SSLCERT, __DIR__."/certificate.pem");
curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'PEM');
curl_setopt($ch, CURLOPT_SSLKEY, __DIR__."/privatekey.key");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
$responseData = curl_exec($ch);
if(curl_errno($ch)) {
echo curl_error($ch);
}
curl_close($ch);
The error message has all the clues you need: HTTP_1_1_REQUIRED
TLS client certificates are not supported for HTTP/2, so you need to make sure your curl request is done using HTTP/1.1 by explicitly asking for that. curl will by default upgrade to HTTP/2 on HTTPS URLs otherwise.
Set CURLOPT_HTTP_VERSION to CURL_HTTP_VERSION_1_1.
I'm using curl to send an xml file over https to the rightmove API - they supplied me with all the certificates.
I am getting the error :
60SSL certificate problem: unable to get local issuer
certificateResult =
I have tried everything i have found on every other stackoverflow post similar and nothing is working, i have tried downloading the old cacert.pem and changed the files in php.ini - ive installed my personal information file andcreated a certificate on the browser and local machine and nothing is removing the error 60.
This is my PHP :
<?php
$xml = file_get_contents("myxml.xml");
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt ($ch, CURLOPT_CAINFO, dirname(__FILE__).'\mypem.pem');
curl_setopt($ch, CURLOPT_URL, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_REFERER, 'https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_VERBOSE , 1);
$ch_result = curl_exec($ch);
print curl_errno($ch);
print curl_error($ch);
echo "Result = ".$ch_result;
curl_close($ch);
?>
this has had me banging my head for days, i would be very grateful for any assistance.
For my particular case i needed to add the keyfile, sslcert and cert password.
//$xml = file_get_contents("thexmlfile.xml");
$xml= $propertyXml->asXML();
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . '\pemfile.pem');
curl_setopt($ch, CURLOPT_URL, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSH_PRIVATE_KEYFILE, getcwd() . '\myjks.jks');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd() . '\pemfile.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "thesslpassword");
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_REFERER, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_VERBOSE , 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$ch_result = curl_exec($ch);
print curl_errno($ch);
print curl_error($ch);
echo "Result = ".$ch_result;
curl_close($ch);
It is failing as curl is unable to verify the certificate provided by the server.
There are two options to get this to work:
1 Allows curl to make insecure connections, that is curl does not verify the certificate.
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2 Add the root CA (the CA signing the server certificate) in php.ini
curl.cainfo=/path/to/cacert.pem
You should use option 2 as thats the option that ensures that you are connecting to secure ftp server.
I was getting the same "SSL certificate problem: unable to get local issuer certificateResult" error with HTTP GET to a remote https site. I only needed to provide the CA cert to php curl, ie CURLOPT_CAINFO:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CAINFO, "/path/to/CA_Bundle.crt");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$output = curl_exec($ch);
if (curl_errno($ch)) {
$error_msg = curl_error($ch);
print "curl_error: $error_msg <br>";
} else {
print "output: $output<br>";
}
curl_close($ch);
I am using curl library to get the XML but getting error of connection with host. Following is my code, I have just removed the credentials.
$url="https://interface.callport.net:8080/P-RVWR-drcm01-cti/call/2142100570";
$curl_post_data = array(
"query_type" => 'caller_info',
"dnis" => '8883874944',
);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, base64_encode('webapi#fastfix:color43t'));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $curl_post_data);
$result = curl_exec($ch);
if(curl_errno($ch))
{
echo 'Curl error: ' . curl_error($ch);
}
else
{
echo $result;
}
curl_close($ch);
It's SSL so this usually fixes the problem. cURL does not verify the certificate then.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
[edit] I solved the problems. First the SSL as described above, then I removed the base64 encoding of the username and password, changed so the data is sent by GET instead of POST and lastly fixed the headers.
$url="https://interface.callport.net:8080/P-RVWR-drcm01-cti/call/2142100570?query_type=caller_info&dnis=8883874944";
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, 'webapi#fastfix:color43t');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
I need to get information from https site, it has http authentication, i did some research and i know that i need to use curl so there is my code
$ch = curl_init();
$url = 'https:/....';
$username ='user';
$password ='userspassword';
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_SSLKEYTYPE,"PEM");
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSLCERT, '/var/www/cert/ows.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, ' ');
curl_setopt($ch, CURLOPT_SSLKEY, '/var/www/cert/ssl-cert-snakeoil.pem');
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, ' ');
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSLVERSION,3)
and i get "unable to set private key file: '/var/www/cert/ssl-cert-snakeoil.pem' type PEM58" if i dont use any pem i get empty response from server, if i do i cant load them.. where i can find sslcert and sslkey on my system? and how to format them correcly, becouse if i export them directly from firefox it.
I'm trying to intigrate First data Payment Getway in my site
Config file for FirstData Payment Gateway
define("FDAPI_URL","https://ws.merchanttest.firstdataglobalgateway.com/fdggwsapi/services/order.wsdl");
define("FD_USERPWD","WSXXXXXXXX._.1:XXXXXXXX");
define("FD_SSLCERT", "/home/flagcases/domains/usaflagcases.com/public_html/certificate/WSXXXXXXXX._.1.pem");
define("FD_SSLKEY","/home/flagcases/domains/usaflagcases.com/public_html/certificate/WSXXXXXXXX._.1.key");
define("FD_SSLKEYPASSWD", "ckp_XXXXXXXX");
$ch = curl_init(FDAPI_URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, FD_USERPWD);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSLCERT, FD_SSLCERT);
curl_setopt($ch, CURLOPT_SSLKEY, FD_SSLKEY);
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, FD_SSLKEYPASSWD);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
if ($result === false)
{
echo curl_error($ch);
}
Alway I got Curl Error
unable to use client certificate (no key found or wrong pass phrase?) Curl Error
Please try to add WSXXXXXXXX..1.p12 might be help you... Where you added WSXXXXXXXX..1.pem and WSXXXXXXXX._.1.key