Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
880 views
in Technique[技术] by (71.8m points)

php - Curl - cannot connect using p12 certificate

I'm trying to collect some data using Curl, connecting to service that some external company provided. They, in addition to address itself, sent me p12 certificate file that is required to estabilish connection.

When I'm trying to use it with curl, I get following error:

#58: not supported file type 'P12' for certificate

So far I've tried updating curl and php-curl. Nothing changed.

My code:

...
curl_setopt($ch, CURLOPT_SSLCERT, 'cert_path');
curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'P12');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'my_pass');
...

Funny thing is that this code works on our production environment, while it doesn't work on my local machine (Linux Mint 16).

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Found the solution.

Easiest way to do this is to extract .pem key and certificate from .p12 file.

For example (tested on linux):

openssl pkcs12 -in file.p12 -out file.key.pem -nocerts -nodes
openssl pkcs12 -in file.p12 -out file.crt.pem -clcerts -nokeys

Will create key/cert pair in current directory.

Now, to use it:

curl_setopt($ch, CURLOPT_SSLCERT, 'file.crt.pem');
curl_setopt($ch, CURLOPT_SSLKEY, 'file.key.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'pass');
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'pass');

Where pass is the password from .p12 file.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...