cURL SSL request fails

Question

I'm trying to work with Liveperson REST API, I use the following php code:

$authorization = "LivePerson appKey=MY_APP_KEY";
$accept = "application/xml";
$contentType = "application/xml";


$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "C:/dev/wamp/exported.crt");

curl_setopt($ch, CURLOPT_URL, "https://dev.liveperson.net/api/account/1234?v=1");
curl_setopt($ch,CURLOPT_HTTPHEADER,array('Authorization: '.$authorization,'Accept: '.$accept,'Content-Type: '.$contentType));
curl_exec($ch);
$response = curl_getinfo( $ch );
var_export($response);
curl_close($ch);

The request fails, I already tried the following

• enabeling openssl on php.ini
• exporting the certificate from liveperson server and using it in my code
• followed the instruction here

any help will be appreciated!

Answer 1

Remove CA certificate from your request:

# curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "C:/dev/wamp/exported.crt");

Actually you have to define here the public key/certificate file of the Certificate Authority (which is in your case VeriSign). The certificate of Liveperson is definitely wrong.

Check if the certificate is responsible for your problems:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

This setting is of course no recommendation for your project but it might help to identify the problem. If the certification process is somehow responsible you should get a successful connection to the API host of Liveperson.

If the certification process is indeed responsible try to download [VeriSign's public root certificate] and use it as CAINFO:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_CAINFO, "C:/dev/wamp/verisign_root.crt");

Answer 2

Try removing getcwd() from line 9 in your code. You are using fullpath "C:/dev/wamp/exported.crt", that is relative to your current working directory, this is wrong. :)

Hope this solves it