近期正在开发微信支付功能,用crul调用证书时提示类似错误
58 problem with the local client certificate.
经过查找手册和实验,参考php手册提供的以下方案可以解决,代码如下
If you want to connect to a server which requires that you identify yourself with a certificate, use following code. Your certificate and servers certificate are signed by an authority whose certificate is in ca.ctr.
<?php
curl_setopt($ch, CURLOPT_VERBOSE, ‘1‘); //启用时会汇报所有的信息,存放在STDERR或指定的 CURLOPT_STDERR
中。
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, ‘2‘); //2 检查公用名是否存在,并且是否与提供的主机名匹配。
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, ‘1‘); //cURL从服务端进行验证
curl_setopt($ch, CURLOPT_CAINFO, getcwd().‘/cert/ca.crt‘);
curl_setopt($ch, CURLOPT_SSLCERT, getcwd().‘/cert/mycert.pem‘);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, ‘password‘);
?>
If your original certificate is in .pfx format, you have to convert it to .pem using following commands
# openssl pkcs12 -in mycert.pfx -out mycert.key
# openssl rsa -in mycert.key -out mycert.pem
# openssl x509 -in mycert.key >> mycert.pem