curl-and-php
SSL POST w Client Certificate
Date: Fri, 11 Jul 2003 10:18:22 +0100
A small introduction to the topic,
I need to perform a HTTPS POST to a certain site. Nothing new!
But I'm required to do it with a client certificate.
(I'm also doing it throught a proxy! But works fine.)
Let's take a look at the code:
if ($ch = curl_init()) {
if ( ( curl_setopt($ch, CURLOPT_URL, POST_URL))
&&(curl_setopt($ch, CURLOPT_HEADER, 0))
&&(curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,
0))
&&(curl_setopt($ch, CURLOPT_RETURNTRANSFER,
0))
&&(curl_setopt($ch, CURLOPT_CAINFO,
'C:/ca.pem'))
&&(curl_setopt($ch, CURLOPT_SSLCERT,
'C:/c.pem'))
&&(curl_setopt($ch, CURLOPT_SSLVERSION, 3))
&&(curl_setopt($ch, CURLOPT_POSTFIELDS,
$param))
) {
if (CC_PROXY)
curl_setopt($ch, CURLOPT_PROXY,
CC_PROXY);
if (CC_PROXY_USER)
curl_setopt($ch,
CURLOPT_PROXYUSERPWD, CC_PROXY_USER);
echo htmlentities(curl_exec ($ch));
}
curl_close($ch);
}
And this code works, but the server doesn't recognize the client cert. In
the past I programmed SSL with openssl, and I got the idea that I have to
pass a third file, the private key, to do this. How can I pass it with curl
and php? (I believe curl makes it available).
The cert is public (for testing and is in pkcs12 format, and I have
converted it to pem, has I done before).
Comments anyone?
Nelson Gomes
Security Developer & Electronic Payments
............................................................................
...........
Novabase
Av. Engš Duarte Pacheco, 15F , 1070-100 Lisboa - Portugal
Tel. (+351) 213 836 300 . Fax (+351) 213 836 301
nelson.gomes_at_novabase.pt
www.novabase.pt
<<tpa1266.pfx>>
-------------------------------------------------------
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1
- application/octet-stream attachment: tpa1266.pfx