cURL无法在本地服务器中使用客户端证书
[英]cURL is unable to use client certificate , in local server
问题描述
I set up a local server using XAMPP. 
我使用XAMPP设置了本地服务器。 I have two PHP scripts , a sender and a receiver. 我有两个PHP脚本,一个发送器和一个接收器。 I am trying to send an XML file from the sender to the receiver using HTTP over SSL (HTTPS). 我正在尝试使用HTTP over SSL(HTTPS)将XML文件从发送者发送到接收者。
I created a self signed certificate, configured XAMPP, and I am using this code on my sender : 我创建了一个自签名证书,配置了XAMPP,并在发件人上使用以下代码:
<?php
/*
* XML Sender/Client.
*/
// Get our XML. You can declare it here or even load a file.
$xml = file_get_contents("data.xml");
// We send XML via CURL using POST with a http header of text/xml.
$ch = curl_init();
//curl_setopt($ch, CURLOPT_SSLVERSION,3);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd().'ipm.crt');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'ipm.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD,'pass');
//i use this line only for debugging through fiddler. Must delete after done with debugging.
curl_setopt($ch, CURLOPT_PROXY, '127.0.0.1:8888');
// set URL and other appropriate options
curl_setopt($ch, CURLOPT_URL, "https://ipv4.fiddler/iPM/receiver.php");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_REFERER, 'https://ipv4.fiddler/iPM/receiver.php');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$ch_result = curl_exec($ch);
echo "Result = ".$ch_result;
echo 'Curl error: ' . curl_error($ch);
curl_close($ch);
// Print CURL result.
?>
However i always get this error : Curl error: unable to use client certificate (no key found or wrong pass phrase?) 但是,我总是收到此错误: Curl error: unable to use client certificate (no key found or wrong pass phrase?)
What can i possibly do wrong? 我可能会做错什么? The passphrase IS the word pass . 密码短语是pass 。
I created my .crt by doing : 我通过执行以下操作创建了.crt:
openssl req -config openssl.cnf -new -out ipm.csr -keyout ipm.pem
openssl rsa -in ipm.pem -out ipm.key
openssl x509 -in ipm.csr -out ipm.crt -req -signkey ipm.key -days 365
I don't want to put the SSL_VERIFYPEER and SSL_VERIFYHOST to false. 我不想将SSL_VERIFYPEER和SSL_VERIFYHOST为false。
3 个解决方案
解决方案1
1 2014-08-01 14:24:18
Try exchanging your files like so: 尝试像这样交换文件:
curl_setopt($ch, CURLOPT_CAINFO, getcwd().'ipm.pem');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'ipm.crt');
I suspect you have them the wrong way round. 我怀疑您的做法错误。
解决方案2
0 2014-07-28 13:18:51
I think that you already fixed your problem, but I can see two problems: 我认为您已经解决了问题,但是我可以看到两个问题:
- you forgot about a slash between
getcwd()andfilename:您忘记了getcwd()和filename之间的斜线:
curl_setopt($ch, CURLOPT_CAINFO, getcwd().'/ipm.crt');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'/ipm.pem'); - you need to attach a key file as
@donparaliasalready said您需要附加密钥文件,就像@donparalias已经说过的那样
解决方案3
-2 2013-01-23 00:10:52
密钥必须是文件名,而不是密码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.