cURL / Mailing Lists / curl-and-php / Single Mail

curl-and-php

Re: Re: HTTPS + Certificate

From: Fr�d�ric Dufour <fdufour_at_logfi.fr>
Date: Wed, 24 Sep 2003 16:49:29 +0200

Hello,

Thank you for your help, Scott... and the lesson : RTFM (Read The Fu..ing
Manual)...

Q 1 :
I am looking at the command line documentation at
http://curl.haxx.se/docs/manpage.html and I do not see a --key option
anywhere. The only place the word "key" appears on that page is in the
description of --cert: "Note that this certificate is the private key and
the private certificate concatenated!" How did you learn of the --key
option?
R 1 :
me too, I asked some assistance on curl mailing list and I had this answer :
http://curl.haxx.se/mail/archive-2003-09/0107.html

Q 2 :
Does your certificate file have both your private key and private
certificate as described in the documentation?
R2 :
now, yes :-/ (sorry, sorry, sorry). I used : openssl pkcs12 -in
MyCert.pfx -out MYCERT.pem -nodes
If I try : curl --cacert CAROOT.pem --cert MYCERT.pem https://mywebsite/
it's ok... (too). ps : the curl command does not ask me my password. is it
ok ?

Q3 :
In my PHP 4.3.2 docs, I do not see CURLOPT_SSLKEY and CURLOPT_SSLKEYPASSWD.
I do see CURLOPT_SSLCERT and an associated CURLOPT_SSLCERTPASSWD. How did
you learn of CURLOPT_SSLKEY and CURLOPT_SSLKEYPASSWD?
R3 :
me too, I see CURLOPT_SSLKEY and CURLOPT_SSLKEYPASSWD options in example
code...

Q4 :
Are you attempting to use options that have been abandoned in more recent
versions?
R4 :
undoubtedly :-/

With all your help, if I try this code :

     $site = "https://mywebsite";
     $url = $site.$_SERVER["PATH_INFO"];
     $MyCert = "MYCERT2.pem";
     $certroot = "CAROOT.pem";
     $passwd = "0b14b67f";

     $ch = curl_init ($url);
     if (!$ch) {
          die ("Couldn't Initialize cURL handle\n");
     }

curl_setopt($ch, CURLOPT_SSLCERT, $MyCert);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $passwd);
// curl_setopt($ch, CURLOPT_CAINFO, $certroot);
// curl_setopt($ch, CURLOPT_SSLVERSION, 3);

     $code = curl_exec ($ch);
     if ($code != CURLE_OK) {
          die ("cURL error: " . curl_error ($ch) . "\n");
     }

     echo "<pre>";
     echo "\ncURL error number:" .curl_errno($ch);
     echo "\ncURL error:" . curl_error($ch);
     echo "</pre>";
     curl_close ($ch);

I have this response :

cURL error number:58
cURL error:unable to set certificate file (wrong password?)

hard for me to join the force...

-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
Received on 2003-09-24

This message: [ Message body ]
Next message: Scott Nichol: "Re: Re: HTTPS + Certificate"
Previous message: Scott Nichol: "Re: HTTPS + Certificate"
Maybe in reply to: Scott Nichol: "Re: HTTPS + Certificate"
Next in thread: Scott Nichol: "Re: Re: HTTPS + Certificate"
Reply: Scott Nichol: "Re: Re: HTTPS + Certificate"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]