CODEWITHSUNDEEP
phpcurl
ibedelovski
ibedelovski

Reputation: 161

Convert PHP code to curl command where only TLSv1 is allowed

How can I convert this php code to curl command? I want to use this code on linux machine by executing single curl command.

$headers = array(
      "Content-type: text/xml",
      "Content-length: " . strlen($xml)
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 10000);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$data = curl_exec($ch);

I tired with this one, but unsuccessful:

curl -X POST -H "Content-type: text/xml" -o output.txt -d "param1=param1&username=username&password=password" https://site.url.com -d @data.xml

Maybe the problem is in the HTTPS because only TLSv1 is allowed on the site.

Upvotes: 3

Views: 6823

Answers (3)

Luceos
Luceos

Reputation: 6730

In php you would use:

curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);

Documentation speaks of more TLS versions:

http://www.php.net/manual/en/function.curl-setopt.php

  • CURL_SSLVERSION_TLSv1_0
  • CURL_SSLVERSION_TLSv1_1
  • CURL_SSLVERSION_TLSv1_2

The TLS versions only work with CURL version 7.34 or newer.

Upvotes: 5

Vavilen T
Vavilen T

Reputation: 87

Problem is not related to TLS/SSL. Client will negotiate TLS automatically. It seems like you need to make a POST some xml data and specify your credentials as GET parameters. It can be done by putting your GET parameters to the request URL

Im not sure on syntax, but try this:

curl -X POST -H "Content-type: text/xml" -o output.txt https://site.url.com?param1=param1&username=username&password=password -d @data.xml

Also, (small offtopic for message above, but i cannt comment it) please not force SSL2, SSL3 or TLS1.0 since they have vulnerabilities. Most servers will negotiate best version of TLS automatically.

Upvotes: 1

NDM
NDM

Reputation: 6840

If you want to force curl to use TLSv1, you can use the --tlsv1 option, from the docs:

-1, --tlsv1

(SSL) Forces curl to use TLS version 1.x when negotiating with a remote TLS server. You can use options --tlsv1.0, --tlsv1.1, and --tlsv1.2 to control the TLS version more precisely (if the SSL backend in use supports such a level of control).

-2, --sslv2

(SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL server. Sometimes curl is built without SSLv2 support. SSLv2 is widely considered insecure.

-3, --sslv3

(SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL server. Sometimes curl is built without SSLv3 support.

Upvotes: 1

Related Questions