
php curl with certificate and no key file or passphrase

I'm relatively new to PHP with curl and wanted to ask a sanity check question.

I'm attempting to post an XML file to an HTTPS server with a certificate in DER format provided by the server admin. I have also successfully converted the DER file to ASCII PEM format and am receiving essentially the same error.

With PEM format:
* unable to use client certificate (no key found or wrong pass phrase?)

With DER format:
cURL Error (58): unable to set private key file:

With DER I use: CURLOPT_SSLCERTTYPE => "DER"

My research indicates that the PHP curl also needs a key file in PEM format or at least a pass phrase. The server admin would need to provide me with one or the other.

I am aware of the outdated curl issue on CentOS and some Linux boxes and have upgraded curl to the latest version: curl 7.40.0 (x86_64-redhat-linux-gnu) libcurl/7.40.0 OpenSSL/1.0.1e zlib/1.2.3 c-ares/1.10.0 libidn/1.18 libssh2/1.4.3

The permissions on my cer and pem files are r--r--r--

Am I correct about the missing key or is there a way to make such a post to an https server with only the DER or PEM certificate? Any insights much appreciated.

Here is the heart of my php script:

$ch = curl_init();

$options = array(
    CURLOPT_POST => 1,
    // each header is one "Name: value" string
    CURLOPT_HTTPHEADER => ['Content-Type: text/xml'],
    CURLOPT_POSTFIELDS => $testorder,
    CURLOPT_SSLCERTTYPE => "DER", // commented out for PEM version
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HEADER         => true,
    CURLOPT_FOLLOWLOCATION => true,
    // the next two settings turn off verification of the server's certificate and host name
    CURLOPT_SSL_VERIFYHOST => false,
    CURLOPT_SSL_VERIFYPEER => false,
    CURLOPT_USERAGENT => 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)',
    CURLOPT_VERBOSE        => true,
    CURLOPT_URL => $url,
    // client certificate only; no CURLOPT_SSLKEY is set
    CURLOPT_SSLCERT => $cert_file,
);

curl_setopt_array($ch , $options);

$output = curl_exec($ch);

Looks like you set options for client certificate authentication but only provide a PEM file with a public key in it, no private key. You need a private key as well.
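
An added example, not part of the original question or answer: a PHP check that reports whether PEM material contains a certificate, a private key, and whether the two belong together, before it is handed to cURL as a client certificate. The function names `inspect_client_pem` and `client_cert_options` and the name `client.example.test` are hypothetical, and the sample certificate is generated at run time purely for the demonstration.

```php
<?php
// Added example: report what a PEM string offers for TLS client authentication.
function inspect_client_pem(string $pem, string $passphrase = ''): array
{
    $cert = openssl_x509_read($pem);                      // first CERTIFICATE block, or false
    $key  = openssl_pkey_get_private($pem, $passphrase);  // false if absent or passphrase is wrong
    return [
        'has_cert'    => $cert !== false,
        'has_key'     => $key !== false,
        // true only when the key is the one the certificate was issued for
        'key_matches' => $cert !== false && $key !== false
                         && openssl_x509_check_private_key($cert, $key),
    ];
}

// cURL options for client-certificate auth; refuses files that lack a usable key.
function client_cert_options(string $certFile, string $keyFile, string $passphrase = ''): array
{
    $pem  = file_get_contents($certFile) . "\n" . file_get_contents($keyFile);
    $info = inspect_client_pem($pem, $passphrase);
    if (!$info['key_matches']) {
        throw new RuntimeException('no private key matching the certificate: ' . json_encode($info));
    }
    return [
        CURLOPT_SSLCERT      => $certFile,
        CURLOPT_SSLKEY       => $keyFile,
        CURLOPT_SSLKEYPASSWD => $passphrase,
        // server verification is left at cURL's defaults (enabled)
    ];
}

// Constructed sample: a throwaway self-signed certificate and key.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$csr = openssl_csr_new(['commonName' => 'client.example.test'], $key);
$crt = openssl_csr_sign($csr, null, $key, 1);
openssl_x509_export($crt, $certPem);
openssl_pkey_export($key, $keyPem);

var_dump(inspect_client_pem($certPem));            // certificate only: the situation in the question
var_dump(inspect_client_pem($certPem . $keyPem));  // certificate together with its key
```

The array returned by `client_cert_options` can be merged into the options passed to `curl_setopt_array`.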
