PHP Curl TLS Username and Password

Question

I try to use the following curl command in PHP: curl --cacert "/certs/cert.pem" --tlsuser user --tlspassword password --data-urlencode name=value https://url.to/path -o file.txt

My PHP Code is the following, but I get always an error:

$data = array("name" => "value");
$this->curl = curl_init();
curl_setopt_array($this->curl, array(
        CURLOPT_CAINFO => getcwd()."/cert.pem",
        CURLOPT_USERPWD => user.":".password,
        CURLOPT_URL => "https://url.to/path",
        CURLOPT_RETURNTRANSFER => 1,
        CURLOPT_POSTFIELDS => $data,
        CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
        CURLOPT_FTPSSLAUTH => CURLFTPAUTH_TLS,
        CURLOPT_FTP_SSL => CURLFTPSSL_ALL,
        CURLOPT_SSL_VERIFYPEER => FALSE,
        CURLOPT_SSL_VERIFYHOST => 2
    ));
$res = curl_exec($this->curl);

I receive always an error number 35 (CURLE_SSL_CONNECT_ERROR) and the following error message: rror:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure. Therefore I assume that I made a mistake in the curlopt array, but I do not know what I did wrong. I tried also to let the FTP stuff away, but that worked neither. How can I fix this issue?

Answer 1

--tlsuser and --tlspassword are used for doing SRP (Secure Remote Password) over TLS as per RFC 5054 - not a very commonly used feature of TLS.

Your PHP program doesn't set those options. They're called CURLOPT_TLSAUTH_USERNAME and CURLOPT_TLSAUTH_PASSWORD there.