Solved

Using PHP Curl SSL

Posted on 2013-01-22
7
2,855 Views
Last Modified: 2013-02-11
I am testing the ssl connection , but I am not able to connect to the server from url, https://servicos.portaldasfinancas.gov.pt:700/fews/faturas. I have convert a PFX file to PEM file.
 My Test code is following :


////////////////////  test connection script/////////////////////////////////

public function process($url)
    {
        $soap = curl_init();


        curl_setopt($soap, CURLOPT_URL, "https://servicos.portaldasfinancas.gov.pt:700/fews/faturas");
        curl_setopt($soap, CURLOPT_SSLCERT ,  "C:\wwwroot\www-php\projects\foxfact\TestesWebServices.pem" );
        curl_setopt($soap, CURLOPT_SSLKEY ,  "C:\wwwroot\www-php\projects\foxfact\Testes__Web_Services_key" );
        curl_setopt($soap, CURLOPT_SSLKEYPASSWD ,  "TESTEwebservice" );
        curl_setopt($soap, CURLOPT_SSLVERSION, 3);
        curl_setopt($soap, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($soap, CURLOPT_SSL_VERIFYHOST, false);
        curl_setopt($soap, CURLOPT_CONNECTTIMEOUT, 20);
        curl_setopt($soap, CURLOPT_TIMEOUT,        15);
        curl_setopt($soap, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($soap, CURLOPT_POST,           true);
        curl_setopt($soap, CURLOPT_POSTFIELDS,     $this->xml);
        curl_setopt($soap, CURLOPT_HTTPHEADER,     $this->headers);

        $result = curl_exec($soap);

        if (curl_errno($soap) > 0) {
            $result = array('errocurl' => curl_errno($soap), 'msgcurl' => curl_error($soap));
            echo curl_error($soap);
            // $result = false;
        }

        curl_close($soap);

        return $result;

    }
}

The error message I have in browser is following:
Curl Error : unable to use client certificate (no key found or wrong pass phrase?)
Can you have a look and advise me  where I am getting wrong.

Best Regards
Lucilia Coelho
0
Comment
Question by:luciliacoelho
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 38805583
Try using forward slashes in your paths on Windows, like:

C:/path/to/key.pem

Backslashes are also escape characters when they're inside of double quotes, so PHP can think that "C:\path\to\key.pem" is actually "C:pathtokey.pem". Alternatively, if you want to use backslashes, just use two of them like "C:\\path\\to\\key.pem"
0
 

Author Comment

by:luciliacoelho
ID: 38805656
I tried the two way but now gives the error message in browser: Unknown SSL protocol error in connection to...
Can you help me with this?
0
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 38805710
Try setting  curl_setopt($soap, CURLOPT_SSLVERSION, 3); to 2 instead of 3.
0
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

 
LVL 35

Accepted Solution

by:
gr8gonzo earned 500 total points
ID: 38805756
Actually, it's also possible that the client cert auth isn't working. Double-check to make sure the client cert also doesn't need a password with:

 curl_setopt($soap, CURLOPT_SSLCERTPASSWD, "TESTEwebservice");

It all depends on your certificate (especially if the certificate file contains a key in it).
0
 

Author Comment

by:luciliacoelho
ID: 38805848
I change setting  curl_setopt($soap, CURLOPT_SSLVERSION, 2) and become Curl Error : unable to use client certificate (no key found or wrong pass phrase?).
Use  curl_setopt($soap, CURLOPT_SSLCERTPASSWD, "TESTEwebservice") and error is the same.
0
 
LVL 35

Expert Comment

by:gr8gonzo
ID: 38806228
Try concatenating the key onto the cert, so that your cert file looks like:

-----BEGIN CERTIFICATE-----
contents of certificate
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
contents of key
-----END RSA PRIVATE KEY-----
0
 

Author Comment

by:luciliacoelho
ID: 38806242
Can you show me one example please.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question