我使用TestApi检查使用PEM和KEY文件的SSL连接。 但是,如果我编辑我的私钥,似乎无论如何我都可以获得标题。 它应该真的像这样吗?我从来没有得到关于密钥的错误。但是,如果认证不正确,我会收到错误。
我总是得到一个
HTTP / 1.1 200 OK内容类型:text / xml; charset = UTF-8内容长度:5983日期:星期四,18八月2016 21:10:33 GMT服务器:TheServer TheServer BUS RP接口版本:4.0。 0
然后是来自htmlentities的文本。
$url = "https://mylink?wsdl";
// cert file/pass (same as pfx above but converted to pem and key)
$cert_file = "myPemfile.pem";
$cert_password = "myKeyfile.key"; // I've intentionally set the wrong key... but God knows why it still works
// server cert which we trust (this is needed when using VERIFYPEER below)
$cert_server = "serverCA.pem";
$ch = curl_init();
$options = array(
CURLOPT_RETURNTRANSFER => true, //return output
CURLOPT_HEADER => true, // just to see header response
CURLOPT_FOLLOWLOCATION => true, // cant figure this out yet (probably means internal redirect within $url)
CURLOPT_SSL_VERIFYHOST => 2, //ok
CURLOPT_SSL_VERIFYPEER => true, // yes
CURLOPT_CAINFO => $cert_server, // set it
CURLOPT_USERAGENT => 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)', // ? seems this is needed
CURLOPT_VERBOSE => false, // change to true/false if you want/(dont want) verbose
CURLOPT_URL => $url , //set
CURLOPT_SSLCERT => $cert_file, //set
//CURLOPT_SSLCERTTYPE => 'PEM', // well.. default is PEM anyway
CURLOPT_SSLKEY => $cert_password, //set
);
curl_setopt_array($ch , $options);
$output = curl_exec($ch);
if(!$output)
{
echo "Curl Error : " . curl_error($ch);
}
else
{
echo "<br /> db: output unparsed :<br />" . $output . "<br /> db: DONE <br /><br />";
echo htmlentities($output);
}
答案 0 :(得分:1)
有几种可能符合您的描述: