CODEWITHSUNDEEP
phpcurlsslhttpsopenssl
kevinn2065
kevinn2065

Reputation: 375

Curl SSL Request 400 Bad Request

I'm trying to make a request using php and curl. Heres a working example that I use from command line 

curl -k --cacert c:/cert/server_ca.pem  --cert c:/cert/signed_client_cert.pem --key c:/cert/cert_req_rsa_private_key.pem

heres what I have so far, It returns a 400- bad request, does anyone know how I can get more usefull errors or what I could be doing wrong?

ini_set('display_errors',1);
//phpinfo();

$cert = "C:/cert/signed_client_cert.pem";
$key = "C:/cert/cert_req_rsa_private_key.pem";
$pass = "key1123";
$caInfo = "C:/cert/server_ca.pem";


$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.apitest.com/v/2/products/04003274058");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml'));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_CAINFO, $caInfo);
curl_setopt($ch, CURLOPT_SSLCERT, $cert);
curl_setopt($ch, CURLOPT_SSLKEY, $key);
curl_setopt($ch, CURLOPT_VERBOSE, true);
//curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $pass);
//curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'PEM');
//curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $pass);
//curl_setopt($ch, CURLOPT_SSLKEYTYPE, 'PEM');


$response = curl_exec($ch);
echo curl_error($ch);
echo var_dump($response);

Upvotes: 1

Views: 2142

Answers (2)

kevinn2065
kevinn2065

Reputation: 375

Strangely the issue seems to be a bug in Php's curl, I switched to httprequest and it worked

Upvotes: 0

jww
jww

Reputation: 102376

The curl command is incomplete, so its hard to say what may (or may not) be different. But from the command line, Curl uses Accept: */*; and does not use Content-Type (see the Wireshark capture below for curl www.google.com)).

For reading on the difference between Accept and Content-Type, see Difference between accept and content-type http headers on Webmasters Stack Exchange.

enter image description here

Just bike shedding, but this has room for improvement:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

If you feel you have to use it like that, then pick an anonymous protocol. It will save the server from sending its certificate since nothing is being verified anyway.

Upvotes: 2

Related Questions