customer.pem
服务器给了我一个我应该使用的客户端证书。如果我在文本编辑器中打开它,它同时包含客户端证书和客户端密钥:
-----BEGIN RSA PRIVATE KEY-----
here is private key
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
here is certificate
-----END CERTIFICATE-----
但是根据 PHP curl doc,有两个单独的选项用于设置客户端证书和客户端私钥:
CURLOPT_SSLCERT The name of a file containing a PEM formatted certificate;
CURLOPT_SSLKEY The name of a file containing a private SSL key;
拥有customer.pem
证书和私钥的文件 - 我可以只设置CURLOPT_SSLCERT
选项吗?CURL 会自动读取客户端密钥并正确使用它吗?如下所示:
$curl_opt = array(
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_SSL_VERIFYPEER => 1,
CURLOPT_SSLCERT => $cert_dir . 'customer.pem',
CURLOPT_CAINFO => $cert_dir . 'ca.crt',
CURLOPT_SSLCERTPASSWD => $extra_settings['certificate_password'],
);