0

我需要在我的网站上实现 Swish Payment 电子商务 API。swish 给出的测试代码使用 Git Bash 运行良好。样品在这里

curl -s -S -i --cert ./Swish_Merchant_TestCertificate_1231181189.pem --key ./Swish_Merchant_TestCertificate_1231181189.key --cacert ./Swish_TLS_RootCA.pem --tlsv1.1 --header "Content-Type: application/json" https://mss.cpc.getswish.net/swish-cpcapi/api/v1/paymentrequests --data '{ "payeePaymentReference" : "0123456789", "callbackUrl" : "https://myfakehost.se/swishcallback.cfm", "payerAlias" : "4671234768", "payeeAlias" : "1231181189", "amount" : "100", "currency" : "SEK", "message" : "Kingston USB Flash Drive 8 GB" }'

但是当我在 php 中转换它时,它给了我错误 cURL Error #:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

我的php代码在这里

    $data = array(
    "content-type: application/json",
    "accept: application/json",
    "payeePaymentReference: 0123456789",
    "callbackUrl: https://myfakehost.se/swishcallback.cfm",
    "payerAlias: 4671234768",
    "payeeAlias: 1231181189",
    "amount: 100",
    "currency: SEK",
    "message: Kingston USB Flash Drive 8 GB"
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_SSLCERT, getcwd() . '/Swish_Merchant_TestCertificate_1231181189.pem');
curl_setopt($curl, CURLOPT_SSLKEY, getcwd() .'/Swish_Merchant_TestCertificate_1231181189.key');
curl_setopt($curl, CURLOPT_SSLKEYPASSWD,  'swish');
curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://mss.cpc.getswish.net/swish-cpcapi/v1/paymentrequests/',
  CURLOPT_RETURNTRANSFER => TRUE,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_POSTFIELDS => json_encode($data),
  CURLOPT_HTTPHEADER => array(
    "content-type: application/json"
  )
));

$response = curl_exec($curl);

$err = curl_error($curl);
curl_close($curl);
if ($err) {
   echo "cURL Error #:" . $err;
} else {
   echo "Well:" .$response;
}
4

2 回答 2

1

您缺少 CA 证书。

添加以下 curl 选项

curl_setopt($curl, CURLOPT_CAINFO, getcwd() . './Swish_TLS_RootCA.pem');
于 2022-01-29T00:48:36.170 回答
0

我认为这里的问题是您的 php/libcurl 默认为 SSLv3,并且mss.cpc.getswish.net关闭了对 SSLv3 的支持(大多数网站不再支持它,因为它不安全),

1:你正在运行 curl_setopt 没有错误检查,修复它

2:您忘记将 CURLOPT_SSLVERSION 设置为 CURL_SSLVERSION_TLSv1_1 ,修复该问题

if(!curl_setopt($ch,CURLOPT_SSLVERSION,CURL_SSLVERSION_TLSv1_1)){
    throw new \RuntimeException('failed to set CURL_SSLVERSION_TLSv1_1');
}
  • 但鉴于您的 php/libcurl 安装默认为 SSLv3,您的 php 安装可能太旧而无法使用 TLS1.1。这意味着您可能需要更新您的 php/libcurl 安装。
于 2019-03-21T17:27:53.220 回答