Using certificate for PayPal API with PHP cURL

Question

I am using the RefundTransaction API for PayPal. While I have no difficulty using signatures, I have no idea how to use Certificates. I downloaded the certificate from the site (.txt) and got the username and password. I am using the following code:

$this->API_UserName  = urlencode("xxx");
$this->API_Password  = urlencode("xxx");
$this->API_Signature = urlencode($this->API_Signature);

$this->version = urlencode("104.0");

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->API_Endpoint); // https://api.paypal.com/nvp
curl_setopt($ch, CURLOPT_VERBOSE, 1);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "\cert_key_pem.txt");

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);

$reqStr = "METHOD=RefundTransaction&VERSION={$this->version}&PWD={$this->API_Password}&USER={$this->API_UserName}$requestString";

//$requeststring has refund specific fields

curl_setopt($ch, CURLOPT_POSTFIELDS, $reqStr);  

// Get response from the server.
$curlResponse = curl_exec($ch);

if(!$curlResponse)
    return array("ERROR_MESSAGE"=>"RefundTransaction failed ".curl_error($ch)."  (".curl_errno($ch).")");

I am getting the following error:

 [ERROR_MESSAGE] => RefundTransaction failedSSL read:    
 error:00000000:lib(0):func(0):reason(0), errno 0(56)

What am I doing wrong?

Answer 1

Change:

curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "\cert_key_pem.txt");

To:

curl_setopt($ch, CURLOPT_SSLCERT, getcwd() . "\cert_key_pem.txt");

And ensure the certificate file is readable by the webserver.

Note: since it concerns a part of your API credentials, I would recommend placing the file outside your webroot (as it looks like you're not doing this right now).