PHP Curl is enabled but not working

Question

I'm trying to get data from an API using PHP CURL extension but is not working. The same code in another server is running.

(Server 1) CURL configuration: It works

(Server 2) CURL configuration: Does not work

Is any firewall configuration?

<?php

    $con = curl_init();
    $url = "https://api.moloni.com/v1/companies/getOne/?access_token=123456";
    $my_values = array('company_id' => 0);

    curl_setopt($con, CURLOPT_URL, $url);
    curl_setopt($con, CURLOPT_POST, true);
    curl_setopt($con, CURLOPT_POSTFIELDS, http_build_query($my_values));
    curl_setopt($con, CURLOPT_HEADER, false);
    curl_setopt($con, CURLOPT_RETURNTRANSFER, true);

    $res_curl = curl_exec($con);
    curl_close($con);

    $res_txt = json_decode($res_curl, true);
    if(!isset($res_txt['error'])){
        echo 'Result: '.print_r($res_txt,true).'';
    }else{
        echo 'Erro: '.print_r($res_txt,true).'';
    }

    ini_set('display_errors', 1);
    ini_set('display_startup_errors', 1);
    error_reporting(E_ALL);

?>

Edit:

<?php

    ini_set('display_errors', 1);
    ini_set('display_startup_errors', 1);
    error_reporting(E_ALL);


    $con = curl_init();
    $url = "https://api.moloni.com/v1/companies/getOne/?access_token=123456";
    $my_values = array('company_id' => 0);

    curl_setopt($con, CURLOPT_URL, $url);
    curl_setopt($con, CURLOPT_POST, true);
    curl_setopt($con, CURLOPT_POSTFIELDS, http_build_query($my_values));
    curl_setopt($con, CURLOPT_HEADER, false);
    curl_setopt($con, CURLOPT_RETURNTRANSFER, true);

    $res_curl = curl_exec($con);

    if($res_curl === false){ echo 'Curl error: ' . curl_error($con);}

    curl_close($con);


    $res_txt = json_decode($res_curl, true);
    if(!isset($res_txt['error'])){
        echo 'Result: '.print_r($res_txt,true).'';
    }else{
        echo 'Erro: '.print_r($res_txt,true).'';
    }


?>

Result:

Server 1: Erro: Array ( [error] => invalid_request [error_description] => Invalid access token. ) It works!

Server 2: Curl error: SSL certificate problem: unable to get local issuer certificate

Edit 2:

<?php

    ini_set('display_errors', 1);
    ini_set('display_startup_errors', 1);
    error_reporting(E_ALL);


    $con = curl_init();
    $url = "https://api.moloni.com/v1/companies/getOne/?access_token=123456";
    $my_values = array('company_id' => 0);

    curl_setopt($con, CURLOPT_URL, $url);
    curl_setopt($con, CURLOPT_POST, true);
    curl_setopt($con, CURLOPT_POSTFIELDS, http_build_query($my_values));
    curl_setopt($con, CURLOPT_HEADER, false);
    curl_setopt($con, CURLOPT_RETURNTRANSFER, true);

    curl_setopt($con, CURLOPT_SSL_VERIFYPEER, 1);
    curl_setopt($con, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($con, CURLOPT_CAINFO, 'cacert.pem');

    $res_curl = curl_exec($con);

    if($res_curl === false){ echo 'Curl error: ' . curl_error($con);}

    curl_close($con);


    $res_txt = json_decode($res_curl, true);
    if(!isset($res_txt['error'])){
        echo 'Result: '.print_r($res_txt,true).'';
    }else{
        echo 'Erro: '.print_r($res_txt,true).'';
    }


?>

It works! :)

Answer 1

Got same issue on Windows 10. curl extension is enabled. solved by adding php dir to PATH variable.

My computer> Properties> Advanced system settings > Environment variables.

add php working directory (f.e C:\php) to 'Path' system variable.

don't forget to restart Apache.

Answer 2

It looks like the second server you are using where the cURL request fails is a Windows platform.

The problem is that cURL needs a trusted list of certificate authority certificates in order to verify the identity of the website you are connecting to but either doesn't have any or is missing the CA certificate for the site you are connecting to.

At the very least, adding this to your request should fix your issue:

curl_setopt($con, CURLOPT_CAINFO, 'C:/path/to/GeoTrustGlobalCA.pem');

The cert contents for GeoTrustGlobalCA.pem should be:

-----BEGIN CERTIFICATE-----
MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
-----END CERTIFICATE-----

For maximum portability, try downloading cacert.pem from http://curl.haxx.se/docs/caextract.html and set CURLOPT_CAINFO to that file and include it with your source code.