1

我使用 XAMPP 设置了本地服务器。我有两个 PHP 脚本,一个发送者和一个接收者。我正在尝试使用基于 SSL 的 HTTP (HTTPS) 将 XML 文件从发送方发送到接收方。

我创建了一个自签名证书,配置了 XAMPP,并且我在我的发件人上使用了这个代码:

<?php
  /*
   * XML Sender/Client.
   */
  // Get our XML. You can declare it here or even load a file.


  $xml = file_get_contents("data.xml");

  // We send XML via CURL using POST with a http header of text/xml.
  $ch = curl_init();

  //curl_setopt($ch, CURLOPT_SSLVERSION,3);

  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

  curl_setopt($ch, CURLOPT_CAINFO,  getcwd().'ipm.crt');
  curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'ipm.pem');

  curl_setopt($ch, CURLOPT_SSLCERTPASSWD,'pass');

  //i use this line only for debugging through fiddler. Must delete after done with debugging.
  curl_setopt($ch, CURLOPT_PROXY, '127.0.0.1:8888');

  // set URL and other appropriate options
  curl_setopt($ch, CURLOPT_URL, "https://ipv4.fiddler/iPM/receiver.php");
  curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
  curl_setopt($ch, CURLOPT_HEADER, 0);
  curl_setopt($ch, CURLOPT_POST, 1);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
  curl_setopt($ch, CURLOPT_REFERER, 'https://ipv4.fiddler/iPM/receiver.php');
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  $ch_result = curl_exec($ch);
  echo "Result = ".$ch_result;

  echo 'Curl error: ' . curl_error($ch);

  curl_close($ch);
  // Print CURL result.
?>

但是我总是得到这个错误:Curl error: unable to use client certificate (no key found or wrong pass phrase?)

我可能会做错什么?密码是这个词pass

我通过以下方式创建了我的 .crt:

openssl req -config openssl.cnf -new -out ipm.csr -keyout ipm.pem

openssl rsa -in ipm.pem -out ipm.key

openssl x509 -in ipm.csr -out ipm.crt -req -signkey ipm.key -days 365

我不想把SSL_VERIFYPEERandSSL_VERIFYHOST设置为假。

4

2 回答 2

1

尝试像这样交换文件:

curl_setopt($ch, CURLOPT_CAINFO, getcwd().'ipm.pem');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'ipm.crt');

我怀疑你把它们弄错了。

于 2014-08-01T14:24:18.290 回答
0

我认为您已经解决了问题,但我可以看到两个问题:

  1. 您忘记了 and 之间的getcwd()斜线filename
    curl_setopt($ch, CURLOPT_CAINFO, getcwd().'/ipm.crt');
    curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'/ipm.pem');
  2. @donparalias如前所述,您需要附加一个密钥文件
于 2014-07-28T13:18:51.373 回答