Using Curl on a server with SSL

Question

My question is fairly straight-forward, but I will include some background information to flesh out the problem:

I have a server in my office which runs software to create maps. These maps are updated with new information when people in my office enter data into an application.

I have a public website which shows these maps to users. This website is hosted on a GoDaddy shared hosting plan. In order for the website to retrieve a map from my in-house server, I use CURL to send a request to the in-house server. The in-house server checks the IP of the calling server (as well as some other credentials) and then issues a key.

This has always worked well. My website has always been hosted on a dedicated server, which had a static IP. I recently moved the site to a shared plan. I was advised that the only way to have a static IP on this plans is to purchase an SSL certificate. Now my website is unable to authenticate at my in-house server.

I don't know much about SSL. GoDaddy tells me my static IP is one thing, but if I run a PHP command: ( echo $_SERVER['SERVER_ADDR']; ) on my hosted website I see a very different IP.

This leaves me wondering-

1. When I send a CURL request form this SSL certified server, what is the originating IP Address? Is there a way to check?

2. Does a CURL request which originates on an SSL site need any special parameters? I have learned that a request which calls an SSL server must have special parameters. But this is not the case.

Sorry for the long question. Any help would be appreciated.

Answer 1

This has always worked well. My website has always been hosted on a dedicated server, which had a static IP. I recently moved the site to a shared plan. I was advised that the only way to have a static IP on this plans is to purchase an SSL certificate. Now my website is unable to authenticate at my in-house server.

I think you misunderstood. Your IP address will still be static, but there will be multiple web servers on the same IP, that is you have a static but not a dedicated IP address. And it might also change from time to time when the provider decides to move sites between servers to balance the load.

The reason you get a dedicated IP address with SSL only comes from the fact, that IP addresses are a scare resource so you need a good reason to get one dedicated for your own. An SSL certificate is a real reason because traditionally you could only have a single certificate per IP address. This is no longer necessary for modern browsers which support the SSL SNI extension, but some applications still need it.

1. When I send a CURL request form this SSL certified server, what is the originating IP Address? Is there a way to check?

Usually such a server has multiple IP addresses and there might be IPs added and removed while the server is running (if web sites are added/removed). So you cannot be sure about a specific IP you have as source IP for the connection from curl. At most you can check for a specific network.

2. Does a CURL request which originates on an SSL site need any special parameters? I have learned that a request which calls an SSL server must have special parameters. But this is not the case.

The SSL-enabled web server is one software at the server. curl is another software. Configuration of the web server does not affect how you have to use curl with an unrelated site.