• PHP
  • Ruby on Rails
  • MySQL
  • Linux
    • SELINUX
    • Fedora
    • debian
  • Apache
  • nginx
  • AJAX
Albertech.net

Tag Archives: Ssl

Guide: Using PHP cURL for https requests and a CA certificate

October 5, 2011 6:30 pm / Albertech.net

I’ve looked at a number of cURL PHP tutorials on the web and noticed “curl_setopt($RESTsession, CURLOPT_SSL_VERIFYPEER, false);” is often used for accessing secure websites via cURL. This is often seen when people ask “I cannot connect to HTTPS site using cURL” or  have the “SSL certificate problem, verify that the CA cert is OK” error with cURL.

Ideally, you should set the SSL_VERIFYPEER value to true unless the server you are connecting to does not have a signed certificate. If you are sending confidential data, wouldn’t you want to make sure you are connecting to the correct server?

The first thing you need to do to get https requests is to get the correct CA certificate.

Here’s how to get the CA certificate using Mozilla Firefox 6.

1) On the address bar, visit the secure server that you will need to connect via https:. This will be used to retrieve the certificate file. In this example, I’m using Google.com. Click on the button to the left of the address bar. Click on the “More Information” button.

 

2) A page info window will popup. Click on the “View Certificate” button.

 

3) Click on the “View PEM” button. The “Export” feature does not include the necessary data for cURL to work properly.

 

4) Save the PEM File

 

5) Rename the file to YOURSERVER.pem. Save this file on your web server.

 

Now that you have the certificate, you will need to write the cURL PHP code:

// Replace with your remote server URL
$request = 'https://mysite.com/';
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $request);

// Replace mysite.pem with name of your certificate file
curl_setopt($curl,CURLOPT_CAINFO,getcwd() . "/mysite.pem");

curl_setopt($curl, CURLOPT_HEADER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($curl);

// Error checking
if(empty($curl)) { echo 'Curl error: ' . curl_error($curl); }
curl_close($curl);

 

 

Modify the $request variable to match the URL of your remote site (e.g. API)  and change the mysite.pem file to the path to your CA file.

If everything works ok, the output of the remote site will be in the $response variable.

Share this:

  • Facebook
  • Google
  • Twitter
  • Print
  • Email
Posted in: PHP / Tagged: certificate, cURL, PHP, ssl

Categories

  • AJAX
  • Android
  • Apache
  • Canon Cameras
  • Cloud
  • CMS
  • Computer Mods
  • Conferences
  • Deals
  • debian
  • Fedora
  • Flash
  • Frameworks
  • git
  • Hardware
  • HTML
  • IDE
  • iPhone
  • iPhone App Review
  • jQuery
  • Linux
  • Mac OS X
  • MySQL
  • nginx
  • PHP
  • portfolio
  • Puppet
  • Ruby on Rails
  • Script Reviews
  • SELINUX
  • Software
  • Software Review
  • SQL Server
  • statistics
  • Tech
  • Tomcat
  • Uncategorized
  • VMWARE
  • VPS
  • Windows
  • wordpress
  • Zend Framework

Blogroll

  • DragonAl Flickr
  • Dropbox – Free 2GB Account
  • James' Blog
  • Javascript Compressor
  • PHP Builder Community
  • PHP-Princess.net
  • Rubular – Regular Expression Validator
  • The Scale-Out Blog
  • Tiny MCE

Tags

activation AJAX android antec Apache AWS awstats canon coda codeigniter debian enclosure external free G1 install vmware tools Internet Explorer iphone 5 jquery Linux mx-1 MySQL office 2007 OSX photoshop PHP plugin plugins portfolio redesigned website review rewrite script security SELinux ssh tinymce tutorial upgrade VMWARE vmware server wordpress wordpress mu XSS zend framework
© Copyright 2013 Albertech.net
Infinity Theme by DesignCoral / WordPress
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.