Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Curl - cannot connect using p12 certificate

Tags:

php

curl

ssl

I'm trying to collect some data using Curl, connecting to service that some external company provided. They, in addition to address itself, sent me p12 certificate file that is required to estabilish connection.

When I'm trying to use it with curl, I get following error:

#58: not supported file type 'P12' for certificate

So far I've tried updating curl and php-curl. Nothing changed.

My code:

...
curl_setopt($ch, CURLOPT_SSLCERT, 'cert_path');
curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'P12');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'my_pass');
...

Funny thing is that this code works on our production environment, while it doesn't work on my local machine (Linux Mint 16).

like image 878
ex3v Avatar asked Jun 23 '14 10:06

ex3v

People also ask

Does curl support p12?

(TLS) Tells curl what type the provided client certificate is using. PEM, DER, ENG and P12 are recognized types. If not specified, PEM is assumed. If this option is used several times, the last one will be used.

How do I pass client certificate in curl?

Make a request from Curl using mutual TLS The CA root certificate will be used to verify that the client can trust the certificate presented by the server. Pass your certificate, private key, and root CA certificate to curl to authenticate your request over TLS.

How do I fix curl 60 SSL certificate problem self-signed certificate?

The error you have encountered claims your certificate is self-signed, so it's non-trusted by default. That's why you are getting the OpenSSL warning. To solve this, you'll need to install it as a trusted server. If it's signed by a non-trusted CA, you'll have to install that CA's certificate as well.

1 Answers

Found the solution.

Easiest way to do this is to extract .pem key and certificate from .p12 file.

For example (tested on linux):

openssl pkcs12 -in file.p12 -out file.key.pem -nocerts -nodes
openssl pkcs12 -in file.p12 -out file.crt.pem -clcerts -nokeys

Will create key/cert pair in current directory.

Now, to use it:

curl_setopt($ch, CURLOPT_SSLCERT, 'file.crt.pem');
curl_setopt($ch, CURLOPT_SSLKEY, 'file.key.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'pass');
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'pass');

Where pass is the password from .p12 file.

like image 125
ex3v Avatar answered Sep 21 '22 18:09

ex3v
Sign in to Comment

Related questions

WhereNotExists Laravel Eloquent
Include whole content of a file and echo it
What does the "Add DROP TABLE / VIEW / PROCEDURE / FUNCTION" checkbox do in phpmyadmin
Is a cookie secure in a HTTPS connection?
How to set a session variable when clicking a <a> link
PHPUnit store properties on test class
cURL retry in PHP
php domdocument get node value where attribute value is
array_key_exists($key, $array) vs !empty($array[$key])
Using long int in PHP
Encode the url including hyphen(-) and dot(.) in php
Is there a PHP equivalent for `public static main(String[] args)` in Java? [duplicate]
PHP - Get object properties by variable
PHP check if file exists and not directory
Need Help Understanding productAttribute() Method for Product Pages
How to recognise adult content programmatically?
How can I set a date to NULL in Yii?
Composer, move files from /vendor/ folder
PHP CURL Download File
Is mysqli_real_escape_string safe?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!