I'm having issues with Windows MAMP Pro 3.3.1 getting PHP's CURL to work.
More specifically issue is that I can send requests to APIs using curl_exec, but it always returns false.
When I tried to do the same thing with XAMPP it returns full response with no issues.
I tried changing PHP version, I checked that php curl extensions is enabled and I can see CURL info in phpinfo.
Does any one know why and how to fix this issue with MAMP?
So I've seen the issue. Apparently (still need to investigate), a CURL request does not get the certificate from the browser, unlike HTTPS. We'll need to manually download the certificate of the site and add it to the PHP ini.
I got the certificate from here:
https://curl.haxx.se/ca/cacert.pem
Add the path to php.ini. You should see ;curl.cainfo under [curl]. Uncomment and add the path:
curl.cainfo = "path_to_cert\cacert.pem"
Restart apache and it'll work (at least mine did).
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
I am having trouble getting either a cURL request or file_get_contents() for a https page that returns JSON. Please note that I have looked at multiple StackOverflow topics with similar problems, but none seem to address my specific issue.
BACKGROUND: I am using a MAC running OS X 10.10.3 (Yosemite). I just installed XAMPP 5.6.8 so that I can run a local web server in order to play around with php, etc.
GOAL: I would like to simply display the contents of a JSON object returned by a https GET request. For context, the page is https://api.discogs.com/releases/249504.
ACTIONS: I have read on other posts that for retrieving HTTPS pages I must make the following out-of-the-box changes in my php.ini file, which I have done:
- uncomment/turn on allow_url_fopen=On
- uncomment/turn on allow_url_include=on
- uncomment extension=php_openssl.dll
RESULTS:
Using file_get_contents()...
Code:
<?php
$url = "https://api.discogs.com/releases/249504";
$text = file_get_contents($url);
var_dump($text);
?>
Result:
Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /Applications/XAMPP/xamppfiles/htdocs/phpWorkspace/firstPhp/firstPhp.php on line 5
Warning: file_get_contents(): Failed to enable crypto in /Applications/XAMPP/xamppfiles/htdocs/phpWorkspace/firstPhp/firstPhp.php on line 5
Warning: file_get_contents(https://api.discogs.com/releases/249504): failed to open stream: operation failed in /Applications/XAMPP/xamppfiles/htdocs/phpWorkspace/firstPhp/firstPhp.php on line 5
bool(false)
Using cURL...
Code:
https://api.discogs.com/releases/249504";
// Initiate curl
$ch = curl_init();
// Will return the response, if false it print the response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Set the url
curl_setopt($ch, CURLOPT_URL,$url);
// Execute
$result=curl_exec($ch);
// Closing
curl_close($ch);
var_dump($result);
?>
Result:
bool(false)
Any recommendations would be extremely helpful. I've played around with different cURL calls based on other SO posts, each have either returned NULL, an error related to certificates/authentication, or like above.
UPDATE!
I added CURLOPT_SSL_VERIFYPEER to my cURL code and set it to off in order to validate that I could at least communicate with the server - which helped me then identify that I needed to provide a user agent. However, when I removed the SSL_VERIFYPEER, I still had certificate issues.
As a last ditched effort I uninstalled XAMPP, and turned on the php/apache from within the Mac OS. Once configured, out-of-the-box both the the cURL and FILE_GET_CONTENTS() calls worked with the user agent using the same code as above [frustrating!].
My gut tells me that I had a bad configuration in XAMPP related to my certificates. Interestingly though I didn't see much online as this being an issue with other XAMPP users.
Try adding this
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
The certificate is not being successfully verified. This may not correct it depending on how severe the issue is.
You should not rely on this as a fix, however it should tell you if your system can even communicate with theirs. Reference the post Frankzers posted.
What can cause an error 60 for cURL? Certificate is identical to the one used in local environment but raises an error on production.
(original problem)
So I'm trying to integrate Illuminate\Socialize into my app, with a Facebook login. It all seems to work out fine locally, and on my production server I obtain the following error:
RequestException in MultiAdapter.php line 234:
[curl] (#60) See http://curl.haxx.se/libcurl/c/libcurl-errors.html
for an explanation of cURL errors [url]
https://graph.facebook.com/oauth/access_token?client_id={client_id}
&client_secret={secret}&code={code}&redirect_uri={redirect-uri}
It seems that error 60 comes from a certificate error.
A few points:
My Google module works in production as expected.
I'm on shared hosting.
The redirect-uri is authorized
Any directions on a solution would be greatly appreciated!
Edit:
I managed to make it work twisting Adapter\Curl\CurlFactory.php, adding after curl_init
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false);
Although it is only a quick-fix as it looks insecure. On the same location, I tried adding
curl_setopt($handle, CURLOPT_CAINFO, dirname(__FILE__) . '/../../cacert.pem');
(+verifypeer to true), but it has no effect... anybody?
This might be the same problem as in Guzzle and HTTPS - please see my answer at https://stackoverflow.com/a/29588396/413531 and check if explicitly providing a newly downloaded cacert.pem file solves your issue (double check that the path to the file is valid!)
I have recently moved servers and a PHP script that has worked for a long time no longer works. I've tracked it down to a wrapper class I have for easily doing multi-curl operations. The whole script works start to finish occasionally but fails most of the time.
However, during my testing I found that when the script failed it failed here:
$ch = curl_init();
When the script failed $ch was NULL. The documentation (php.net) says that it should return a resource on success and FALSE on failure not NULL.
I'm using Ubuntu 12.04 server. As I've said this script ran for a long time. So I'm thinknig one of a few things has happened. First, the image from my hosting company is supposed to be the latest with the latest security patches, etc. Could there have been a PHP patch that messed something up? Second, there's a resource issue I didn't experience on the previous machine (or any other machine I've used for that matter). Finally, there's something wrong with the image my hosting company installed.
If anyone has any experience with this type of error I'd love to hear it.
Update:
$ch = curl_init();
echo '<br>Res: ' . var_dump($ch);
Returns:
Res: NULL
I have come across a similar problem, and my guess is that curl_init() is disabled in your php server, for some reason that i do not know .
Please check if curl_init() is enabled in your system, and please set error-reporting(E_ALL); at the top of your script to see what might be wrong.
In my case, i am receiving a warning saying that curl_init() is disabled for security reasons.
I'm using Janrain's PHP-OpenID 2.1.3, and I've managed to get it working with all the providers I have tried except for Google and Yahoo. The major difference here seems to be that Google and Yahoo, unlike most other providers, don't use a user-specific URL, but rather have the user discovery framework all on their end - which throws the default Janrain framework for a loop then it tries to begin the auth request.
From what I've seen it looks like it's probably the YADIS discovery that is throwing the error, which should be able to be bypassed since the discovery is on Google or Yahoo's end, but I'm not sure. This is all a big informal learning experience for me, and I haven't had any luck finding documentation that can help me on this one. Any tips would be greatly appreciated.
Edit: the specific problem I am having is that when the begin() function is called for the Google or Yahoo URL, I get a null return. This function is found in Auth/OpenID/Consumer.php for reference.
Ok, I finally got to fix the library... I explained everything here (you can also download the php-openid library after my changes).
I needed to do what Paul Tarjan suggested but, also, I needed to modify the Auth_OpenID_detectMathLibrary and add the static keyword to a lot of functions. After that It seems to work perfectly although it is not an ideal solution... I think that someone should rewrite the whole library in PHP 5...
I had the same problem on Windows XP. Fixed by activating curl extension. To do this uncomment in php.ini the line
extension=php_curl.dll
by removing the ; in front of it if any. Restart apache.
Also on windows to work properly you need to define Auth_OpenID_RAND_SOURCE as null since in windows you don't have a random source. You can do this by adding the line
define('Auth_OpenID_RAND_SOURCE', null);
in CryptUtil.php before the first code line
if(!defined('Auth_OpenID_RAND_SOURCE')){
Even if the curl is not enabled the API should work by using instead the Auth_Yadis_PlainHTTPFetcher to communicat via HTTP. In the case of Google and Yahoo you need https, so it only works if open_ssl is enabled (Auth_Yadis_PlainHTTPFetcher::supportsSSL must return true).
I had exactly the same problem and it took me nearly 2 hours to track the problem. Jan Rain's OpenId lib requires 'DOM or domxml PHP XML' (https://github.com/openid/php-openid) but it will fail silently when neither is available!
On my CentOS installation simple:
yum install php-xml
fixed the problem (I'm using this repo: http://blog.famillecollet.com/pages/Config-en).
Are you using the example RP? Can I suggest you submit a detailed bug at http://trac.openidenabled.com/trac/newticket?project=php-openid or a detailed enquiry via the mailing list.
The immediate_mode support indeed does work the libraries if implemented correctly. I (and others) would also be happy to help you on the OpenID IRC channel irc.reenode.net in #openid. My nickname is flaccid.
It's because you don't have curl support enabled enabled in php. Without this, it can't get https content. At least, that's what I discovered. When I tried to get yahoo or google, it failed with an error message "Authentication error; not a valid OpenID," but when I enable php_curl, it works properly.
Make sure your server has curl with https protocol enabled. This solved it for me.
see this thread.
Here is a quick script to test it out. Upload on your server then acccess it via your browser.
<?php
error_reporting(E_ALL);
// create curl resource
$myurl = 'https://<YOURACCOUNT>.myopenid.com';
$curl_handle=curl_init();
curl_setopt($curl_handle,CURLOPT_URL, $myurl);
curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1);
$buffer = curl_exec($curl_handle);
if (empty($buffer))
{
print "Sorry, cannot access $myurl .<p>". curl_error($curl_handle);
}
else
{
print $buffer;
}
curl_close($curl_handle);
?>
If it returns " Protocol https not supported or disabled in libcurl" then you know what to do.
I tried it using my gmail account and it works but it leads to a 301 permanent rediret, which makes sense.
Another potential difference is that Google and Yahoo use HTTPS and if your PHP or SSL installation is misconfigured (perhaps missing CA certs) then your OpenID code will fail to establish an association or complete the check_authentication call.
But without error messages or logs, I can't really tell what type of failure you're looking at.
A couple of years too late, but this might be relevant for users using Janrains PHP OpenID 2.2.2 library on a Windows platform. I'm still on PHP 5.2.17.
My simple test, just to make sure the library was contacting Google was to use the examples/discover.php program, and pass Googles OpenID URL (https://www.google.com/accounts/o8/id).
As per the instructions, the standard steps are to enable GMP (uncomment extension=php_gmp.dll) and CURL (uncomment extension=php_curl.dll). XML should already be enabled.
You may also need to extract the package in contrib/google and make sure google_discovery.php and ca-bundle.crt are in Auth/OpenID.
The extra paranoid could start with examples/detect.php, to make sure they have things set up correctly. It is expected you'd pass all the tests except the Cryptographic Randomness test. For this, you'll need to add
define('Auth_OpenID_RAND_SOURCE', null);
to the top of examples/detect.php. And while you're there, add that to examples/consumer/common.php (since examples/discover.php uses it).
Now, even after all this, discovery for the Google OpenID URL was failing. I was getting CURL error (60): SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in the php error log.
In the Windows environment, you need a definition for the CURLOPT_CAINFO. For my quick test, I added curl_setopt($c, CURLOPT_CAINFO, dirname(__FILE__)."/../OpenID/ca-bundle.crt"); before the curl_exec() statements in Auth/Yadis/ParanoidHTTPFetcher.php.
This allowed the examples/discover.php to discover the services offered by the Google URL.
As a longer term solution for setting CURLOPT_CAINFO in Windows, you might like to refer to this StackOverflow answer so you can add a setting to your php.ini.