1. 技术文章
  2. php curl with certificate and key file not connecting with swish payment api

php curl with certificate and key file not connecting with swish payment api

早过忘川 提交于 2021-02-11 12:15:22

问题


I need to implement Swish Payment e-commerce API with my website. Testing code given by swish is working fine using Git Bash. Sample is here

curl -s -S -i --cert ./Swish_Merchant_TestCertificate_1231181189.pem --key ./Swish_Merchant_TestCertificate_1231181189.key --cacert ./Swish_TLS_RootCA.pem --tlsv1.1 --header "Content-Type: application/json" https://mss.cpc.getswish.net/swish-cpcapi/api/v1/paymentrequests --data '{ "payeePaymentReference" : "0123456789", "callbackUrl" : "https://myfakehost.se/swishcallback.cfm", "payerAlias" : "4671234768", "payeeAlias" : "1231181189", "amount" : "100", "currency" : "SEK", "message" : "Kingston USB Flash Drive 8 GB" }'

but when i convert it in php it gives me error cURL Error #:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

My php code is here

    $data = array(
    "content-type: application/json",
    "accept: application/json",
    "payeePaymentReference: 0123456789",
    "callbackUrl: https://myfakehost.se/swishcallback.cfm",
    "payerAlias: 4671234768",
    "payeeAlias: 1231181189",
    "amount: 100",
    "currency: SEK",
    "message: Kingston USB Flash Drive 8 GB"
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_SSLCERT, getcwd() . '/Swish_Merchant_TestCertificate_1231181189.pem');
curl_setopt($curl, CURLOPT_SSLKEY, getcwd() .'/Swish_Merchant_TestCertificate_1231181189.key');
curl_setopt($curl, CURLOPT_SSLKEYPASSWD,  'swish');
curl_setopt_array($curl, array(
  CURLOPT_URL => 'https://mss.cpc.getswish.net/swish-cpcapi/v1/paymentrequests/',
  CURLOPT_RETURNTRANSFER => TRUE,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_POSTFIELDS => json_encode($data),
  CURLOPT_HTTPHEADER => array(
    "content-type: application/json"
  )
));

$response = curl_exec($curl);

$err = curl_error($curl);
curl_close($curl);
if ($err) {
   echo "cURL Error #:" . $err;
} else {
   echo "Well:" .$response;
}

回答1:


i think the problem here is that your php/libcurl defaulted to SSLv3, and that mss.cpc.getswish.net has turned off support for SSLv3 (most websites don't support it anymore because it's insecure),

1: you're running curl_setopt without error checking, fix that

2: you forgot to set CURLOPT_SSLVERSION to CURL_SSLVERSION_TLSv1_1 , fix that

if(!curl_setopt($ch,CURLOPT_SSLVERSION,CURL_SSLVERSION_TLSv1_1)){
    throw new \RuntimeException('failed to set CURL_SSLVERSION_TLSv1_1');
}
  • but given that your php/libcurl installation defaulted to SSLv3, your php installation is probably too old to use TLS1.1 anyway.. which means you probably need to update your php/libcurl installation.


来源:https://stackoverflow.com/questions/55281820/php-curl-with-certificate-and-key-file-not-connecting-with-swish-payment-api

标签
php
curl
certificate
pem
Swish
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!