Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Passing client certificates through Curl request using Guzzle

I have the following curl command

sudo curl -E openyes.crt.pem --key openyes.key.pem https://sky.myapitutorial.in:444/app/live/get

which works fine. But when I am trying to do from Guzzle, its failing.

I am unable to pass the client certificates in the request.

This is what I tried

$headers = ['Content-Type' => 'application/json','X-Client-Id' => config('mykey') , 'X-Client-Secret' => config('mykey')];

        $client = new client();

        try {
            $response = $client->post(
                $endpoint
                , 
                ['json' => $content, 'headers' => $headers,['connect_timeout' => 650]],
                [
                    'config' => [
                        'curl' => [
                            'CURLOPT_SSLKEY' => base_path().'/openyes.key.pem',
                            'CURLOPT_SSLCERT' => base_path().'/openyes.crt.pem',
                            'CURLOPT_VERBOSE' => true
                        ],
                    ]
                ],
                ['debug'=>true],
                ['http_errors' => false]
            );

            dd($response);

        }
        catch (GuzzleHttp\Exception\ClientException $e) {
            $response = $e->getResponse();
            throw $e;
        }

I couldn't find any solution in Guzzle documentation.

Any idea why is this not working?

The error I am getting is

cURL error 35: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure (see http:\/\/curl.haxx.se\/libcurl\/c\/libcurl-errors.html)
like image 963
Ajeesh Avatar asked Mar 29 '18 06:03

Ajeesh


People also ask

How do I pass client certificate in cURL?

Make a request from Curl using mutual TLS The CA root certificate will be used to verify that the client can trust the certificate presented by the server. Pass your certificate, private key, and root CA certificate to curl to authenticate your request over TLS.

Does guzzle use cURL?

Guzzle has historically only utilized cURL to send HTTP requests. cURL is an amazing HTTP client (arguably the best), and Guzzle will continue to use it by default when it is available. It is rare, but some developers don't have cURL installed on their systems or run into version specific issues.

How do I send HTTP request using guzzle?

Sending Requests You can create a request and then send the request with the client when you're ready: use GuzzleHttp\Psr7\Request; $request = new Request('PUT', 'http://httpbin.org/put'); $response = $client->send($request, ['timeout' => 2]);

Is guzzle better than cURL?

It provides easy user interface. Guzzle can use various kinds of HTTP clients .


1 Answers

You can use ssl_key and cert:

$response = $client->post(
    $endpoint, [
        'json' => $content,
        'headers' => $headers,
        'connect_timeout' => 650,
        // add these
        'cert' => '/path/to/openyes.crt.pem',
        'ssl_key' => '/path/to/openyes.key.pem'
    ]
);

if they have a pass phrase, you can set them like this:

        'cert' => ['/path/to/openyes.crt.pem', 'password'],
        'ssl_key' => ['/path/to/openyes.key.pem', 'password']
like image 168
Federkun Avatar answered Sep 16 '22 19:09

Federkun