在php中使用curl与“CA证书,客户端证书和私钥”在单独的文件 [英] Using curl in php with "CA certificate, Client Certificate and Private Key" in separate files
本文介绍了在php中使用curl与“CA证书,客户端证书和私钥”在单独的文件的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我需要帮助以重写此PHP curl代码(使用一个* .pem文件 - CA cert,客户端证书,私钥在一个文件中):
I need assistance to rewrite this PHP curl code (that uses one *.pem file - CA cert, Client cert, private key in one file):
curl_setopt($curl, CURLOPT_URL, $this->url);
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_SSLCERT, $this->keystore);
curl_setopt($curl, CURLOPT_CAINFO, $this->keystore);
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $this->keystorepassword);
curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
因此,它可以使用 CA证书
在此命令行示例中:
curl -dvar1 = value1& var2 = value2& ...-G -v --key key.pem --cacert ca.pem - -cert client.pem:xxxxxx https://www.somesite.com/page
推荐答案
以下是一个PHP脚本,其中包含您的命令行调用的直接翻译:
Here is a PHP script with a literal translation of your command line call:
<?php
$data = "var1=value1&var2=value2&...";
$url = "https://www.somesite.com/page";
$keyFile = "key.pem";
$caFile = "ca.pem";
$certFile = "client.pem";
$certPass = "xxxxxx";
// Initialise cURL
$ch = curl_init($actualUrl);
// The -d option is equivalent to CURLOPT_POSTFIELDS. But...
// PHP's libcurl interface does not implement the -G flag - instead you would
// append $data to $url like this:
$actualUrl = $url.'?'.$data;
curl_setopt($curl, CURLOPT_URL, $actualUrl);
// The -v flag only makes sense at the command line, but it can be enabled
// with CURLOPT_VERBOSE - in this case the information will be written to
// STDERR, or the file specified by CURLOPT_STDERR. I will ignore this for
// now, but if you would like a demonstration let me know.
// The --key option - If your key file has a password, you will need to set
// this with CURLOPT_SSLKEYPASSWD
curl_setopt($ch, CURLOPT_SSLKEY, $keyFile);
// The --cacert option
curl_setopt($ch, CURLOPT_CAINFO, $caFile);
// The --cert option
curl_setopt($ch, CURLOPT_SSLCERT, $certFile);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $certPass);
/*
Now we should get an identical request to the one created by your command
line string, let's have a look at some of the other options you set...
*/
// CURLOPT_HEADER is disabled by default, there's no need for this unless you
// enabled it earlier
//curl_setopt($curl, CURLOPT_HEADER, 0);
// Your command line string forces a GET request with the -G option, are you
// trying to POST or GET?
//curl_setopt($curl, CURLOPT_POST, true);
// We don't need body data with a GET request
//curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
// Since we've gone to all the trouble of supplying CS information, we might
// as well validate it!
//curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
这篇关于在php中使用curl与“CA证书,客户端证书和私钥”在单独的文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文