How do I make an HTTPS request using cURL?

I have 2 php scripts to send an XML file and catch it. I am using cURL and everything was fine. Now I am trying to do the same, but using HTTP over SSL (HTTPS). I installed a local server with XAMPP and I installed SSL by following this post: Setting up SSL on a local xampp / apache server .

I am trying to send an XML file like this:

<?php
  /*
   * XML Sender/Client.
   */
  // Get our XML. You can declare it here or even load a file.



  $xml = file_get_contents("data.xml");


  // We send XML via CURL using POST with a http header of text/xml.
  $ch = curl_init();

  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
  curl_setopt ($ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");

  //i use this line only for debugging through fiddler. Must delete after done with debugging.
  curl_setopt($ch, CURLOPT_PROXY, '127.0.0.1:8888');

  // set URL and other appropriate options
  curl_setopt($ch, CURLOPT_URL, "https://ipv4.fiddler/iPM/receiver.php");
  curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
  curl_setopt($ch, CURLOPT_HEADER, 0);
  curl_setopt($ch, CURLOPT_POST, 1);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
  curl_setopt($ch, CURLOPT_REFERER, 'https://ipv4.fiddler/iPM/receiver.php');
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  $ch_result = curl_exec($ch);
  echo "Result = ".$ch_result;
  curl_close($ch);
  // Print CURL result.
?>

      

I have uploaded a new certificate for cURL from here:

http://curl.haxx.se/ca/cacert.pem

I'm not sure where I should put the certificate, but I put it in my workspace directory of this project.

The problem is that the XML file is never sent to the recipient. Any ideas?

+3


source to share


2 answers


cacert.pem

which you pass to cURL with CURLOPT_CAINFO

is used to verify the authority of certificates, but development servers usually have self-signed certificates that are not included in this package.

The first step is to create your own self-signed certificate. This article describes the process step by step. Make sure when generating the CSR you are using the name of the intended server under Common Name (CN)

eg. ipv4.fiddler

...

Once you have configured your web server with a self signed certificate (for example server.crt

) and a key (for example server.key

), you need to copy it to a folder accessible to your script.



The following basic things can be used to test all this:

$ch = curl_init('https://ipv4.fidler');
curl_setopt_array($ch, array(
    CURLOPT_SSL_VERIFYPEER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
    CURLOPT_VERBOSE => true,
    CURLOPT_CAINFO => '/path/to/server.crt',
));

if (false === curl_exec($ch)) {
    echo "Error while loading page: ", curl_error($ch), "\n";
}

      

+6


source


If you want to send a post request ssl

using Curl

without verifying the certificate, you can use the following code:



$data = array(
    'name' => $name,
    'ip' => $ip,
    'text'=> "text"
);

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL,'https://myserver.com/index.php/');
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,
          http_build_query($data));

// receive server response ...
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$server_output = curl_exec ($ch);
curl_close ($ch);

      

+1


source







All Articles