How do you send to Transunion API with pkcs12 (p12) certificate?

I am having trouble connecting to TransUnion's test API via PHP using cURL. Please let me know if anyone has already done this. I already have my XML file ready to send to them, I just don't know what the problem is, because I received a .p12 file from them that contains the certificate and key but still it's not letting me connect. I tried the following:

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_FAILONERROR, 1);
    curl_setopt($ch, CURLOPT_SSLCERT, getcwd().'/certs/cert.pem');
    curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'test_pass');
    curl_setopt($ch, CURLOPT_SSLKEYTYPE, 'PEM');
    curl_setopt($ch, CURLOPT_SSLKEY, getcwd().'/certs/key.pem');
    curl_setopt($ch, CURLOPT_SSLKEYPASSWD, 'test_pass');

Then I tried connecting via Terminal on my Mac using:

    curl -cert /Users/temp_user/cert.pem   -key /Users/temp_user/key.pem https://netaccess-test.transunion.com

Can someone please let me know what I am doing wrong? Thanks.

asked Oct 17 '12 18:10

user1754111



1 Answer

I know this is an older post but since I came across it while trying to figure out the connection issues I was having with TransUnion, I figured I'd post what I did to get it working in case anyone else still needs help with this.

I worked with TransUnion support team to combine what I had and the info they had and I was able to get a working solution.

The biggest issue that I found was the instructions all over the place for how to convert the cert.

Use the below commands to convert the cert in order to get the needed pieces to use for the connection. Yes you need 3, most answers out there kept saying to only get 2 but you need all 3:

Convert the certificate into three different certificates for the client, the private key and the certification authority certificate.

    # Outputs CA certificates from the .p12 file into ca.pem
    openssl pkcs12 -in client_systemID.p12 -out ca.pem -cacerts -nokeys

    # Outputs client certificates from the .p12 file into client.pem
    openssl pkcs12 -in client_systemID.p12 -out client.pem -clcerts -nokeys

    # Outputs private keys from the .p12 file into key.pem
    # (-nodes writes the key unencrypted, so restrict who can read key.pem)
    openssl pkcs12 -in client_systemID.p12 -out key.pem -nocerts -nodes

Then you can start setting up your code:

    $keyFile = "key.pem";
    $caFile = "ca.pem";
    $certFile = "client.pem";
    $certPass = $_ENV['TUNASSLPass']; // I am storing the passphrase in an Env variable
    $URL = "https://netaccess-test.transunion.com";
    $data = "<tuna-request-data>"; // need to set this to append to the URL
    $xml = "<?xml version='1.0' encoding='UTF-8'?><creditBureau xmlns='http://www.transunion.com/namespace' xsi:schemaLocation='http://www.transunion.com/namespace creditBureau.xsd' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'>{The rest of your XML}</creditBureau>";

    // The -d option is equivalent to CURLOPT_POSTFIELDS. But...
    // PHP's libcurl interface does not implement the -G flag - instead you would
    // append $data to $url like this:
    $actualUrl = $URL.'?'.$data;

    // Initialise cURL
    $ch = curl_init($actualUrl);
    curl_setopt($ch, CURLOPT_URL, $actualUrl);

    // The -v flag only makes sense at the command line, but it can be enabled
    // with CURLOPT_VERBOSE - in this case the information will be written to
    // STDERR, or the file specified by CURLOPT_STDERR. I will ignore this for
    // now, but if you would like a demonstration let me know.

    // The --key option - If your key file has a password, you will need to set
    // this with CURLOPT_SSLKEYPASSWD
    curl_setopt($ch, CURLOPT_SSLKEY, $keyFile);

    // The --cacert option
    curl_setopt($ch, CURLOPT_CAINFO, $caFile);

    // The --cert option
    curl_setopt($ch, CURLOPT_SSLCERT, $certFile);
    curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $certPass);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
    curl_setopt($ch, CURLOPT_POSTFIELDS, "xml=" . $xml);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    try
    {
        $result = curl_exec($ch);
    }
    catch (Exception $e)
    {
        echo 'There was an issue querying TransUnion.  Here is the returned exception info: ',  $e->getMessage(), "\n";
    }

    if (curl_errno($ch) > 0)
    {
        $result = array('errocurl' => curl_errno($ch), 'msgcurl' => curl_error($ch));
        echo "There was an error calling Trans Union.  Here is the error info: <br>" . curl_error($ch);
    }
    curl_close($ch);
answered Sep 20 '22 16:09

Mark Risko
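
The three-file conversion from the answer above, wrapped with the checks worth running before the PEM files are handed to cURL. This is an added example, not part of the original answer; the function names, the `P12_PASS` environment variable and the sample certificate subjects are assumptions, and the sample bundle is constructed test data.

```sh
# split_p12 P12_FILE OUT_DIR   (passphrase is read from the exported $P12_PASS,
# so it never appears on a command line or in the process list)
# Writes ca.pem, client.pem and key.pem with the answer's three commands.
# Returns 0 = ok, 2 = bundle unreadable or wrong passphrase,
#         3 = key.pem does not match client.pem, 4 = no CA certs in bundle.
split_p12() (
  umask 077                       # -nodes leaves key.pem unencrypted on disk
  mkdir -p "$2" || exit 2
  openssl pkcs12 -in "$1" -passin env:P12_PASS -out "$2/ca.pem" \
    -cacerts -nokeys || exit 2
  openssl pkcs12 -in "$1" -passin env:P12_PASS -out "$2/client.pem" \
    -clcerts -nokeys || exit 2
  openssl pkcs12 -in "$1" -passin env:P12_PASS -out "$2/key.pem" \
    -nocerts -nodes || exit 2
  chmod 600 "$2/key.pem"
  # The certificate's public key must equal the one derived from the key.
  cert_pub=$(openssl x509 -in "$2/client.pem" -noout -pubkey) || exit 3
  key_pub=$(openssl pkey -in "$2/key.pem" -pubout) || exit 3
  [ "$cert_pub" = "$key_pub" ] || exit 3
  # An empty ca.pem would leave CURLOPT_CAINFO with nothing to trust.
  grep -q 'BEGIN CERTIFICATE' "$2/ca.pem" || exit 4
)

# make_sample_p12 DIR
# Constructed sample data: a throwaway CA, a client certificate signed by it,
# and DIR/bundle.p12 protected with $P12_PASS, so split_p12 can be tried offline.
make_sample_p12() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Sample CA" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null &&
  openssl req -newkey rsa:2048 -nodes -subj "/CN=sample-client" \
    -keyout "$1/c.key" -out "$1/c.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/c.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -days 1 -out "$1/c.crt" 2>/dev/null &&
  openssl pkcs12 -export -in "$1/c.crt" -inkey "$1/c.key" \
    -certfile "$1/ca.crt" -passout env:P12_PASS -out "$1/bundle.p12"
}
```

A return code of 4 means the bundle carried only the client certificate and key, in which case the CA file for `CURLOPT_CAINFO` has to come from somewhere other than the .p12.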