Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Using PHP Curl SSL

Posted on 2013-01-22
7
Medium Priority
?
2,981 Views
Last Modified: 2013-02-11
I am testing the ssl connection , but I am not able to connect to the server from url, https://servicos.portaldasfinancas.gov.pt:700/fews/faturas. I have convert a PFX file to PEM file.
 My Test code is following :


////////////////////  test connection script/////////////////////////////////

public function process($url)
    {
        $soap = curl_init();


        curl_setopt($soap, CURLOPT_URL, "https://servicos.portaldasfinancas.gov.pt:700/fews/faturas");
        curl_setopt($soap, CURLOPT_SSLCERT ,  "C:\wwwroot\www-php\projects\foxfact\TestesWebServices.pem" );
        curl_setopt($soap, CURLOPT_SSLKEY ,  "C:\wwwroot\www-php\projects\foxfact\Testes__Web_Services_key" );
        curl_setopt($soap, CURLOPT_SSLKEYPASSWD ,  "TESTEwebservice" );
        curl_setopt($soap, CURLOPT_SSLVERSION, 3);
        curl_setopt($soap, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($soap, CURLOPT_SSL_VERIFYHOST, false);
        curl_setopt($soap, CURLOPT_CONNECTTIMEOUT, 20);
        curl_setopt($soap, CURLOPT_TIMEOUT,        15);
        curl_setopt($soap, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($soap, CURLOPT_POST,           true);
        curl_setopt($soap, CURLOPT_POSTFIELDS,     $this->xml);
        curl_setopt($soap, CURLOPT_HTTPHEADER,     $this->headers);

        $result = curl_exec($soap);

        if (curl_errno($soap) > 0) {
            $result = array('errocurl' => curl_errno($soap), 'msgcurl' => curl_error($soap));
            echo curl_error($soap);
            // $result = false;
        }

        curl_close($soap);

        return $result;

    }
}

The error message I have in browser is following:
Curl Error : unable to use client certificate (no key found or wrong pass phrase?)
Can you have a look and advise me  where I am getting wrong.

Best Regards
Lucilia Coelho
0
Comment
Question by:luciliacoelho
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 38805583
Try using forward slashes in your paths on Windows, like:

C:/path/to/key.pem

Backslashes are also escape characters when they're inside of double quotes, so PHP can think that "C:\path\to\key.pem" is actually "C:pathtokey.pem". Alternatively, if you want to use backslashes, just use two of them like "C:\\path\\to\\key.pem"
0
 

Author Comment

by:luciliacoelho
ID: 38805656
I tried the two way but now gives the error message in browser: Unknown SSL protocol error in connection to...
Can you help me with this?
0
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 38805710
Try setting  curl_setopt($soap, CURLOPT_SSLVERSION, 3); to 2 instead of 3.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 35

Accepted Solution

by:
gr8gonzo earned 2000 total points
ID: 38805756
Actually, it's also possible that the client cert auth isn't working. Double-check to make sure the client cert also doesn't need a password with:

 curl_setopt($soap, CURLOPT_SSLCERTPASSWD, "TESTEwebservice");

It all depends on your certificate (especially if the certificate file contains a key in it).
0
 

Author Comment

by:luciliacoelho
ID: 38805848
I change setting  curl_setopt($soap, CURLOPT_SSLVERSION, 2) and become Curl Error : unable to use client certificate (no key found or wrong pass phrase?).
Use  curl_setopt($soap, CURLOPT_SSLCERTPASSWD, "TESTEwebservice") and error is the same.
0
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 38806228
Try concatenating the key onto the cert, so that your cert file looks like:

-----BEGIN CERTIFICATE-----
contents of certificate
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
contents of key
-----END RSA PRIVATE KEY-----
0
 

Author Comment

by:luciliacoelho
ID: 38806242
Can you show me one example please.
0

Featured Post

Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
This article discusses how to implement server side field validation and display customized error messages to the client.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question