SSL证书发行无法获取本地发行者证书 [英] SSL certificate issue unable to get local issuer certificate
问题描述
我正在尝试将数据发布到支付网关API.它要求以xml格式发布数据.我有以下代码:
I'm trying to post data to a payment gateway API. It required post data in xml format. I have the following code:
<?php
$requestUrl = 'https://api.given.bypg'; //$block->getPaymentUrl();
$amount = 100; // $block->totalOrderAmount()*100;
$approveUrl = $block->approveUrl();
$cancelUrl = $block->cancelUrl();
$declineUrl = $block->declineUrl();
$merchant = 'mydomain.com';
//$amount = '100'; // in cents. 1$ = 100cents.
$currency = '840'; // for dollar
$description = 'Happy customers is what we make.';
$merchantId = 'Nobel106513';
?>
<?php
echo $requestUrl;
$xml_data = '<TKKPG>
<Request>
<Operation>CreateOrder</Operation>
<Language>EN</Language>
<Order>
<OrderType>Purchase</OrderType>
<Merchant>'.$merchantId.'</Merchant>
<Amount>'.$amount.'</Amount>
<Currency>'.$currency.'</Currency>
<Description>'.$description.'</Description>
<ApproveURL>'.$approveUrl.'</ApproveURL>
<CancelURL>'.$cancelUrl.'</CancelURL>
<DeclineURL>'.$declineUrl.'</DeclineURL>
</Order>
</Request>
</TKKPG>';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $requestUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 60000);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml_data);//My post data
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAPATH, "/etc/apache2/ssl/m4/mydomain.com.crt");
curl_setopt($ch, CURLOPT_CAINFO, "/etc/apache2/ssl/m4/mydomain.com.crt");
curl_setopt($ch, CURLOPT_CERTINFO, 1);
$headers = [];
array_push($headers, 'Content-Type: text/xml;charset=UTF-8');
//array_push($headers, 'SoapAction: *');
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$content = trim(curl_exec($ch));
var_dump($content);
var_dump(curl_getinfo($ch));
var_dump(curl_errno($ch));
var_dump(curl_error($ch));
curl_close($ch);
-
var_dump($ content);
的输出为空''
. -
var_dump(curl_getinfo($ ch));
的输出.
数组(大小= 26)
'url'=>字符串' https://api.given.bypg '
'content_type'=> null
'http_code'=>整数0
'header_size'=>整数0
'request_size'=>整数0
'filetime'=>整数-1
'ssl_verify_result'=>整数1
'redirect_count'=>整数0
'total_time'=>浮点数0.488533
'namelookup_time'=>浮动0.028558
'connect_time'=>浮点数0.256858
'pretransfer_time'=>浮点数0
'size_upload'=>浮点数0
'size_download'=>浮点数0
'speed_download'=>浮点数0
'speed_upload'=>浮点数0
'download_content_length'=>浮点-1
'upload_content_length'=>浮点-1
'starttransfer_time'=>浮点数0
'redirect_time'=>浮点数0
'redirect_url'=>字符串''(长度= 0)
'primary_ip'=>字符串'91 .227.244.57'(长度= 13)
'certinfo'=>
数组(大小= 0)
空
'primary_port'=>整数8444
'local_ip'=>字符串'192.168.100.64'(长度= 14)
'local_port'=>整数53456
array (size=26)
'url' => string 'https://api.given.bypg'
'content_type' => null
'http_code' => int 0
'header_size' => int 0
'request_size' => int 0
'filetime' => int -1
'ssl_verify_result' => int 1
'redirect_count' => int 0
'total_time' => float 0.488533
'namelookup_time' => float 0.028558
'connect_time' => float 0.256858
'pretransfer_time' => float 0
'size_upload' => float 0
'size_download' => float 0
'speed_download' => float 0
'speed_upload' => float 0
'download_content_length' => float -1
'upload_content_length' => float -1
'starttransfer_time' => float 0
'redirect_time' => float 0
'redirect_url' => string '' (length=0)
'primary_ip' => string '91.227.244.57' (length=13)
'certinfo' =>
array (size=0)
empty
'primary_port' => int 8444
'local_ip' => string '192.168.100.64' (length=14)
'local_port' => int 53456
var_dump(curl_errno($ ch));
的输出: int 60
var_dump(curl_error($ ch));
的输出:
Output of var_dump(curl_error($ch));
:
字符串"SSL证书问题:无法获取本地颁发者证书"(长度= 63)似乎该API没有返回任何数据,如curl_getinfo()所示.请帮助我,我已经在社区中看到了几乎所有建议的解决方案.
string 'SSL certificate problem: unable to get local issuer certificate' (length=63) It seems like the API is returning no data as seen on curl_getinfo(). Please help me, I have seen almost every solution suggested in communities.
我已经编辑了我的 php.ini
文件,以提供从curl网站下载的证书的路径.但这效果不佳.
I have edited my php.ini
file to give the path to the certificate downloaded from curl website. But this did not work as well.
推荐答案
我从我的API提供者那里获得了支持,他们指出了我的方法中缺少的东西.对于他们的网关,我需要加载私有密钥,公共密钥和密码,以在curl请求中保护这些密钥.解决方法如下:
I got support from my API providers who pointed something missing in my approach. For their gateway I needed to load the private key, public key and password that protects these keys in curl request. The solution is as follows:
/*ssl crts*/
$twpg_cert_file = "/etc/apache2/ssl/m4/mydomain.com.crt";
$twpg_key_file = "/etc/apache2/ssl/m4/mydomain.com.key";
$twpg_key_password = '';
/*ssl crts*/
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $requestUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 60000);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml_data);//My post data
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSLCERT, $twpg_cert_file);
curl_setopt($ch, CURLOPT_SSLKEY, $twpg_key_file);
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $twpg_key_password);
curl_setopt($ch, CURLOPT_CERTINFO, 1);
$headers = [];
array_push($headers, 'Content-Type: text/xml;charset=UTF-8');
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$content = trim(curl_exec($ch));
curl_close($ch);
现在一切正常.
这篇关于SSL证书发行无法获取本地发行者证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!