Brant Snow
asked on
PHP Secure Post SSL
Im going to be doing a secure post in PHP, this is my first time, I believe the certificate is installed or is going to be installed so we have the .csr
Ill be writing the shopping cart then gathering personal information including credit card then making a secure post to a specific URL they maintain.
I need someone to walk me through the process, what i will need to do, how do i encode the data for my post using the certificate etc and point me in the right direction with code or tutorials that will help me out in this matter.
Ill be writing the shopping cart then gathering personal information including credit card then making a secure post to a specific URL they maintain.
I need someone to walk me through the process, what i will need to do, how do i encode the data for my post using the certificate etc and point me in the right direction with code or tutorials that will help me out in this matter.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hankknight this looks good but i have a question, there is going to be a valid SSL so will i need to set that to true or rather 1 or 0, will it automatically encode and decode it using this script.
The other question is what does the response come back as, in other words what is the variable that processes the response?
The other question is what does the response come back as, in other words what is the variable that processes the response?
ASKER
And just to clarify, the verifypeer is only to the site im posting too correct, it has nothing to do with the site im currently on, i could be on a secure site with a ssl certificate and post to a https location and just use verify peer =false if i didnt care to verify who i was posting to correct?
If i wanted to verify the peer i would use something like this correct?
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "/CAcerts/BuiltinObjectTok
If i wanted to verify the peer i would use something like this correct?
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "/CAcerts/BuiltinObjectTok
Looks like you are on track. The two servers will take care of all the security stuff, just like browsers do.
http://php.net/manual/en/book.curl.php
http://devzone.zend.com/article/1081