
Passing .PEM and .KEY as string in Curl using PHP

I've a CERT and private key files. I'm using cURL and PHP to connect to another service. At the moment, I've cert and key in files and it works perfectly fine with the following code:

$pemfile = "cert.pem";
$keyfile = "private_key.key";
$url = "someTestUrl";
$requestXml = "requestData";

$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL, $url); 
curl_setopt($ch, CURLOPT_VERBOSE, 1); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); 
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // 2 checks that the certificate matches the host name; 1 is deprecated
curl_setopt($ch, CURLOPT_FAILONERROR, 1); 
curl_setopt($ch, CURLOPT_SSLCERT, $pemfile); 
curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'PEM'); 
curl_setopt($ch, CURLOPT_SSLKEY, $keyfile); 
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_POSTFIELDS, $requestXml);
$ret = curl_exec($ch);

My question is: Can I pass cert and key as strings rather than passing them as files? I tried simply passing contents of respective files as strings like this:

$pemfile = "-----BEGIN CERTIFICATE-----CERTDATAASSTRING-----END CERTIFICATE-----";
$keyfile = "-----BEGIN RSA PRIVATE KEY-----PRIVATEKEYINCODE-----END RSA PRIVATE KEY-----";

...and needless to say...it didn't work :(

Any ideas? pointers? suggestions???

bianca asked Oct 31 '11 19:10


2 Answers

The answer is unfortunately as easy as it is simple: No, it is not possible.

The underlying libcurl actually has an API for providing keys and certs directly from memory, but the PHP/CURL extension only has support for providing them as files!

Bonus material:

If you're sure that your libcurl is built with OpenSSL, you can actually use the CURLOPT_SSL_CTX_FUNCTION option to do it. However:

  1. that makes it a libcurl+OpenSSL specific solution

  2. I don't think PHP/CURL exposes that function (enough) to allow this. You would probably need to extend the binding code first...

(I should add that I am the main author and maintainer of libcurl.)

Daniel Stenberg answered Oct 19 '22 06:10


Using tmpfile() might suffice as a workaround.

$tempPemFile = tmpfile();
fwrite($tempPemFile, $pemfile);
$tempPemPath = stream_get_meta_data($tempPemFile);
$tempPemPath = $tempPemPath['uri'];

and then:

curl_setopt($ch, CURLOPT_SSLCERT, $tempPemPath); 

but make sure you close it afterwards so the tmp file is deleted

fclose($tempPemFile);
MDrollette answered Oct 19 '22 07:10
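
A fuller version of the tmpfile() workaround above, as an added example that is not part of the original answers: it covers both the certificate and the private key, checks that they belong together before any request is made, and deletes the temp files even when the request fails. The function names writePemToTempFile and postWithClientCert are hypothetical, and the curl and openssl extensions are assumed to be loaded.

```php
<?php
// Added example (hypothetical helpers); assumes ext-curl and ext-openssl.
function writePemToTempFile(string $pem): array
{
    $handle = tmpfile();                        // file is removed on fclose()
    if ($handle === false) {
        throw new RuntimeException('Could not create temporary file');
    }
    $path = stream_get_meta_data($handle)['uri'];
    chmod($path, 0600);                         // owner-only before any key bytes land
    if (fwrite($handle, $pem) !== strlen($pem) || !fflush($handle)) {
        fclose($handle);
        throw new RuntimeException('Could not write PEM data');
    }
    return [$handle, $path];                    // keep the handle open while curl runs
}
function postWithClientCert(string $url, string $body, string $certPem, string $keyPem): string
{
    // Fail early on malformed PEM or a key that does not belong to the certificate.
    if (!openssl_x509_check_private_key($certPem, $keyPem)) {
        throw new InvalidArgumentException('Certificate and private key do not match');
    }
    $certHandle = $keyHandle = null;
    try {
        [$certHandle, $certPath] = writePemToTempFile($certPem);
        [$keyHandle, $keyPath]   = writePemToTempFile($keyPem);
        $ch = curl_init($url);
        curl_setopt_array($ch, [
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_FAILONERROR    => true,
            CURLOPT_SSL_VERIFYPEER => true,
            CURLOPT_SSL_VERIFYHOST => 2,
            CURLOPT_SSLCERT        => $certPath,
            CURLOPT_SSLCERTTYPE    => 'PEM',
            CURLOPT_SSLKEY         => $keyPath,
            CURLOPT_POST           => true,
            CURLOPT_HTTPHEADER     => ['Content-Type: text/xml'],
            CURLOPT_POSTFIELDS     => $body,
        ]);
        $response = curl_exec($ch);
        if ($response === false) {
            throw new RuntimeException('cURL error: ' . curl_error($ch));
        }
        return $response;
    } finally {
        // Closing the handles deletes the temp files, also on the error paths.
        foreach ([$certHandle, $keyHandle] as $h) { if (is_resource($h)) { fclose($h); } }
    }
}
```

The PEM strings must keep their line breaks; the single-line strings from the question are rejected by the key/certificate match check.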