I am using the following code to access a URL (the URL uses the https protocol, and has a valid certificate)
// Initialize session and set URL.
$url = https://my url;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// Set so curl_exec returns the result instead of outputting it.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Get the response and close the channel.
$response = curl_exec($ch);
curl_close($ch);
But the output i get is this:
Failed: Error Number: 60. Reason: SSL certificate problem, verify that
the CA cert is OK. Details: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Can somebody please guide me?
use 'CURLOPT_RETURNTRANSFER'
$res = curl_init ('url');
curl_setopt($res,CURLOPT_RETURNTRANSFER,true);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$out = curl_exec($res);
curl_close($res);
echo $out;
for more info read this
Try adding:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
Related
I have a php script in my Apache server that have to send a curl request to a partner's server.
Partner give me a .pem file that I have to attach to every call I do to its api.
My php script is the follow:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSLCERT, "test.pem" );
curl_setopt($ch,CURLOPT_SSLCERTTYPE,"PEM");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
curl_setopt($ch, CURLOPT_POST, True);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
curl_setopt($ch, CURLOPT_VERBOSE, true);
$result = curl_exec($ch);
if(!$result)
{
echo "Curl Error: " . curl_error($ch);
}
else
{
echo "Success: ". $result;
}
curl_close($ch);
It returns:
Curl Error: unable to set private key file: 'test.pem' type PEM
Consider that it sends me .pem file and says "it has no passphrase"
I think that you need to use the tmpfile() and stream_get_meta_data.
$pemFile = tmpfile();
fwrite($pemFile, "test.pem");//the path for the pem file
$tempPemPath = stream_get_meta_data($pemFile);
$tempPemPath = $tempPemPath['uri'];
curl_setopt($ch, CURLOPT_SSLCERT, $tempPemPath);
Source: This answer here in SO helps me with similar problem.
I think you're missing
curl_setopt($ch, CURLOPT_CAINFO, 'test.pem');
Have a look at cURL is unable to use client certificate , in local server
for more about using client certificates in curl via PHP
I'm trying to make a bot for: https://coinroll.it/api
From the site:
The Coinroll API is a stateless interface which works over HTTPS. Requests are made using POST variables (application/x-www-form-urlencoded) while responses are encoded in JSON (application/json). A HTTPS connection is required for accessing the API.
I have the following code:
$ch = curl_init();
$data = array('user' => 'xxx', 'password' => 'yyy');
curl_setopt($ch, CURLOPT_URL, 'https://coinroll.it');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
echo $result;
When I run this code, it returns a blank page, what am I doing wrong?
EDIT
I don't actually need to use cURl, if there is a better solution, please tell me.
You can prevent cURL from trying to verify the SSL certificate by using CURLOPT_VERIFYPEER.
Also set the action in the URL:
$ch = curl_init();
$data = array('user' => 'xxx', 'password' => 'yyy');
curl_setopt($ch, CURLOPT_URL, 'https://coinroll.it/getbalance');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($ch);
echo $result;
You can use the following cURL option in order to see what happens with the HTTP connection:
curl_setopt($ch, CURLOPT_VERBOSE, true);
When TRUE it outputs verbose information.
Today I had the case where "It had been working fine until now.", but it stopped working when the FQDN changed, and I had to self-sign another certificate, with a different DN.
After a few experiments, it turned out to be that the Subject Alternate Name (aka SAN) was not matching the certificate name, and the curl call had not been set with CURLOPT_SSL_VERIFYHOST, 2.
Conclusion: by default, CURLOPT_SSL_VERIFYHOST is set to 2, but, if your cert SAN is wrong, it will fail, unless you deactivate CURLOPT_SSL_VERIFYHOST, and, with it, CURLOPT_SSL_VERIFYPEER.
It is obviously the best practice to set both, and have a SAN that matches the subject.
Reminder: this is how to quickly check the SAN using OpenSSH on command line:
openssl x509 -in /etc/ssl/certs/recette.pharmags.fr.crt -noout -text | grep -A1 "Subject Alternative Name"
I am trying to fire a HTTP GET request on a secured URL which asks for username and password. This is fine when I am using that from browser but I am not sure how to do that using PHP.
I have tried using the two methods:
1) Using Curl as suggested in here: Make a HTTPS request through PHP and get response
2) Using the file_get_contents as suggested in here: How to send a GET request from PHP?
But the first one didn't give me any response back. And the second one gave me the following error:
failed to open stream: HTTP request failed
And this is my code for the curl:
$url="https://xxxxx.com";
$ch=curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
echo $response;
and for the file_get_contents:
$url="https://xxxx.com";
$response=file_get_contents($url);
echo $response;
The URL will return a XML response for a API I am testing. Can someone point me to the right direction?
Thanks!
If we focus on the requirement to send a username and password because I suspect that's your main problem, try this
$ch = curl_init();
$url="https://xxxxx.com";
// OR - check with your server's operator
$url="http://xxxxx.com";
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
// or maybe
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
// - see http://stackoverflow.com/questions/4753648/problems-with-username-or-pass-with-colon-when-setting-curlopt-userpwd
// check the cURL documentation
$output = curl_exec($ch);
$info = curl_getinfo($ch);
// don't forget to check the content of $info, even a print_r($info) is better
// than nothing during debug
curl_close($ch);
I'm trying to use the PHP Curl library to connect to Experian's API.
When I post a HTTPS request to Experian, I get an HTTP 200 OK response, but nothing more. I am expecting a TTY or ARF response. Do anyone have insight in what I'm doing wrong?
Here's a snippet of my code below for reference
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,'http://stg1.experian.com/lookupServlet1?lookupServiceName=AccessPoint&lookupServiceVersion=1.0&serviceName=NetConnectDemo&serviceVersion=2.0&responseType=text/plain'); //not the actual site
//For Debugging
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_TIMEOUT,60);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POST,1);
//#2-Net Connect client receives ECALS response. This is the Net Connect URL.
$ecals_url = curl_exec($ch);
//#3-Net Connect client validates that the URL ends with “.experian.com”. If the URL is valid, the processing continues; otherwise, processing ends.
$host_name = parse_url( $ecals_url );
$host_name = explode(".", $host_name['host'] );
$host_name = $host_name[1].'.'.$host_name[2];
if( $host_name == "experian.com" )
{
//#4-Net Connect client connects to Experian using URL returned from ECALS.
echo "step 4 - connect to secure connection<br>";
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch,CURLOPT_URL,$ecals_url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_USERPWD,"$username:$password");
curl_setopt($ch,CURLOPT_CERTINFO,1);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,1);
curl_setopt($ch, CURLOPT_TIMEOUT, 10); //times out after 10s
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt");
curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$result = curl_exec ($ch);
print_r ($result);
It has been a while since I messed with our Experian Net Connect service but I believe you have to base64 encode the username:password value for their system to take it.
I am attempting to send a file to an Https URL with this code:
$file_to_upload = array('file_contents'=>'#'.$target_path);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $target_url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSER, FALSE);
curl_setopt($ch, CURLOPT_UPLOAD, TRUE);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, 'file='.$file_to_upload);
$result = curl_exec($ch);
$error = curl_error($ch);
curl_close ($ch);
echo " Server response: ".$result;
echo " Curl Error: ".$error;
But for some reason I'm getting this response:
Curl Error: Failed to open/read local data from file/application
Any advice would help thanks!
UPDATE: When I take out CURLOPT_UPLOAD, I get a response from the target server but it says that there was no file in the payload
You're passing a rather strange argument to CURLOPT_POSTFIELDS. Try something more like:
<?
$postfields = array('file' => '#' . $target_path);
// ...
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
?>
Also, you probably want CURLOPT_RETURNTRANSFER to be true, otherwise $result won't get the output, it'll instead be sent directly to the buffer/browser.
This example from php.net might be of use as well:
<?php
$ch = curl_init();
$data = array('name' => 'Foo', 'file' => '#/home/user/test.png');
curl_setopt($ch, CURLOPT_URL, 'http://localhost/upload.php');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_exec($ch);
?>
On top of coreward's answer:
According to how to upload file using curl with php, starting from php 5.5 you need to use curl_file_create($path) instead of "#$path".
Tested: it does work.
With the # way no file gets uploaded.