[英]Moving Curl client ssl to Guzzle
我正在使用Guzzle v3.9.2與php 5.3和php 5.5。
我有以下工作curl代碼使用ssl客戶端證書:
$url = "https://example.com/";
$cert_file = '/path/to/certificate.pem';
$ch = curl_init();
$options = array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_URL => $url ,
CURLOPT_SSLCERT => $cert_file ,
);
curl_setopt_array($ch , $options);
$output = curl_exec($ch);
if (!$output) {
echo "Curl Error : " . curl_error($ch);
}
else {
echo htmlentities($output);
}
我試圖把它移到Guzzle:
require '/var/www/vendor/autoload.php';
use Guzzle\Http\Client;
$client = new Client();
$request = $client->get($url, array('cert' => $cert_file));
$response = $client->send($request);
echo $response . PHP_EOL;
print 'HI' . PHP_EOL;
當我使用curl運行它時,我得到200響應。 當我使用Guzzle時,我得到403。
試試這樣:
$client = new Client();
$response = $client->get($url, array(), array('cert' => $cert_file));
並檢查添加此行:
$this->assertEquals($cert_file, $request->getCurlOptions()->get(CURLOPT_SSLCERT));
或使用此:
$client = new Client();
$request = $client->createRequest('GET', $url);
$request->getCurlOptions()->set(CURLOPT_SSLCERT, $cert_file);
$response = $client->send($request);
如果您使用自簽名證書設置此選項:
$request->getCurlOptions()->set(CURLOPT_SSL_VERIFYHOST, false);
$request->getCurlOptions()->set(CURLOPT_SSL_VERIFYPEER, false);
在發送請求之前設置此行:
$request = $client->get( .... )
.
.
.
$request->setResponse(new Response(200), true);
$request->send();
檢查你的網址並輸入它,如下所示:
$url = 'https://example.com/index.php';
並且您可以添加像curl代碼一樣的默認選項:
$request->getCurlOptions()->set(CURLOPT_RETURNTRANSFER , true);
$request->getCurlOptions()->set(CURLOPT_FOLLOWLOCATION , true);
首先,因為這導致了一些混亂,Gihub上有兩個版本的Guzzle:
這里有兩個(經過測試的工作)示例,每個版本的Guzzle一個:
對於Guzzle的最新版本(不是所謂的舊版本Guzzle3),它應該是:
use GuzzleHttp\Client;
$client = new Client();
$response = $client->get($url, array('cert' => $cert_file));
var_dump($response);
確保客戶端證書以PEM
格式存儲。 如果證書受密碼保護,您需要像下面這樣指定:
$response = $client->get($url,
array('cert' => array($cert_file, 'password' => '****'));
! 請注意,上面提供密碼的代碼在手冊中有描述,但在最近的版本中沒有用。
對於舊版本Guzzle3(您正在使用)
use Guzzle\Http\Client;
// Create a client and provide a base URL
$client = new Client();
$request = $client->get($url, array(), array(
'cert' => $cert_file
));
// You must send a request in order for the transfer to occur
$response = $request->send();
var_dump($response);
If you are using private key then you have to use ssl_key option it will not
work with cert.You can use **cert** options only with client certificate.
出現此錯誤的原因有三個。
Guzzle如何設置ssl卷曲路徑:
vendor/Http/Resources/cacert.pem
。 ssl.certificate_authority
參數來設置curl ssl認證。 它支持false,true或文件路徑的值 您可以在類初始化時設置文件路徑,如下所示 -
$cert_file = '/var/www/stack/25924147/cert/example.pem'; #Use absolute path as relative path will not work $client = new Client(); $client->setDefaultOption('verify',true); #pass it for self-signed certificate $client->setSslVerification($cert_file,true,2); #Last Verify Option states default value is 2. When the verify value is 0, the connection succeeds regardless of the names in the certificate. Use that ability with caution!. When the verify value is 1, curl_easy_setopt will return an error try{ $request = $client->get($url); $options = $request->getCurlOptions(); #used to check curl options is set properly. var_dump($options); $response = $client->send($request); echo $response . PHP_EOL; print 'HI' . PHP_EOL; }catch( Guzzle\\Http\\Exception\\CurlException $e){ print_r($e->getResponse()); echo "\\n Curl Error \\n"; }catch(Guzzle\\Http\\Exception\\ClientErrorResponseException $e){ print_r($e->getResponse()); echo "\\n Response Error \\n"; }catch( Guzzle\\Http\\Exception\\RequestException $e){ print_r($e->getResponse()); echo "\\n REquest Error \\n"; }
或者如果您想在每個請求上傳遞證書,請嘗試以下代碼
$cert_file = '/var/www/stack/25924147/cert/example.pem'; #Use absolute path as relative path will not work
$client = new Client();
$request = $client->get('https://www.example.com', array(), array(
'ssl_key' => array('/etc/pki/private_key.pem')
)
With Passoword -
$request = $client->get('https://www.example.com', array(), array(
'ssl_key' => array('/etc/pki/private_key.pem', 's3cr3tp455w0rd')
)
對於Guzzle Http客戶端Doc檢查 - Guzzle HTTP客戶端
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.