如何使用 cURL 发出 HTTPS 请求?

2022-01-25 00:00:00 https ssl-certificate curl php

我有 2 个 php 脚本,用于发送一个 xml 文件并捕获它.我正在使用 cURL,一切正常.现在我正在尝试做同样的事情,但使用 HTTP over SSL (HTTPS).我已经使用 XAMPP 安装了本地服务器,并且我已经按照这篇文章设置了 SSL:在本地 xampp/apache 服务器上设置 SSL .

I have 2 php scripts , to send an xml file and catch it. I am using cURL and everything was ok. Now i am trying to do the same but using HTTP over SSL (HTTPS). I have installed a local server with XAMPP and i have set up SSL by following this post : Setting up SSL on a local xampp/apache server .

我正在尝试像这样发送 xml 文件:

I am trying to send the xml file like this :

<?php
  /*
   * XML Sender/Client.
   */
  // Get our XML. You can declare it here or even load a file.



  $xml = file_get_contents("data.xml");


  // We send XML via CURL using POST with a http header of text/xml.
  $ch = curl_init();

  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
  curl_setopt ($ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");

  //i use this line only for debugging through fiddler. Must delete after done with debugging.
  curl_setopt($ch, CURLOPT_PROXY, '127.0.0.1:8888');

  // set URL and other appropriate options
  curl_setopt($ch, CURLOPT_URL, "https://ipv4.fiddler/iPM/receiver.php");
  curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
  curl_setopt($ch, CURLOPT_HEADER, 0);
  curl_setopt($ch, CURLOPT_POST, 1);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
  curl_setopt($ch, CURLOPT_REFERER, 'https://ipv4.fiddler/iPM/receiver.php');
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  $ch_result = curl_exec($ch);
  echo "Result = ".$ch_result;
  curl_close($ch);
  // Print CURL result.
?>

我从这里下载了 cURL 的新证书:

I downloaded the new certificate for cURL from here :

http://curl.haxx.se/ca/cacert.pem

我不确定我应该把证书放在哪里,但我把它放在我这个项目的工作区目录中.

I am not sure where i should put the certificate but i put it in my workspace directory of this project.

现在的问题是 XML 文件永远不会发送给接收方.有什么想法吗?

The problem now is that the XML file is never sent to the receiver. Any ideas?

推荐答案

您通过 CURLOPT_CAINFO 传递给 cURL 的 cacert.pem 用于验证证书权威机构,但开发服务器通常具有自签名证书,这些证书不包含在该捆绑包中.

The cacert.pem that you're passing to cURL via the CURLOPT_CAINFO is used to verify certificate authorities, but development servers typically have self signed certificates which are not included in that bundle.

第一步是生成您自己的自签名证书.这篇文章分步描述了这个过程.确保在 CSR 生成期间,您使用 Common Name (CN) 下的预期服务器名称,例如ipv4.fiddler.

The first step is to generate your own self signed certificate. This article describes the process step-by-step. Make sure that during the CSR generation you're using the intended server name under the Common Name (CN), e.g. ipv4.fiddler.

使用自签名证书(例如 server.crt)和密钥(例如 server.key)配置您的网络服务器后,您需要复制前者到您的脚本可以访问的位置.

Once you have configured your web server using the self signed certificate (e.g. server.crt) and key (e.g. server.key), you need to copy the former to a location that your script can access it.

以下基本要素可用于验证整个事情:

The following bare essentials can be used to verify the whole thing:

$ch = curl_init('https://ipv4.fidler');
curl_setopt_array($ch, array(
    CURLOPT_SSL_VERIFYPEER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
    CURLOPT_VERBOSE => true,
    CURLOPT_CAINFO => '/path/to/server.crt',
));

if (false === curl_exec($ch)) {
    echo "Error while loading page: ", curl_error($ch), "
";
}

相关文章