0

I am working with Rightmove and their realtime data feed, we received a (self-signed?) certificate (.p12 file) that we had to insert into our browser/PC to connect to the testserver, this is all working great.

Now we are writing our own script, and connecting to the test server via CURL, however we are loading this script from our server and it does not have access to the test server (handshake failed - authentication, after research looks like it is expecting certificate which makes sense), but how do we get access? They are not of great help and I am wondering if we need to add this certificate to our domain/server as well to gain authentication?

Hope you can help!

Jamie000012
  • 247
  • 1
  • 6
  • 20

1 Answers1

-1

You would use the CURLOPT_SSLCERT & CURLOPT_SSLCERTPASSWD options with your CURL command. e.g

$url = "https://www.example.com";
$cert_file = 'certificate_file.pem';
$cert_password = 'password';

$ch = curl_init();

$options = array( 
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_FOLLOWLOCATION => true,
    CURLOPT_SSL_VERIFYHOST => false,
    CURLOPT_SSL_VERIFYPEER => false,

    CURLOPT_USERAGENT => 'Useragent',
    CURLOPT_URL => $url ,
    CURLOPT_SSLCERT => $cert_file ,
    CURLOPT_SSLCERTPASSWD => $cert_password ,
);

curl_setopt_array($ch , $options);

$output = curl_exec($ch);
Callum
  • 42
  • 9
  • 1
    Figured it out with your comment, many thanks! Was using CURLOPT_CAINFO but seems SSLCERT is the one to use (with combination of a PEM file, had to convert my p12 to PEM) – Jamie000012 Jul 03 '14 at 09:21
  • Make sure you're using `CURLOPT_SSL_VERIFYHOST=true` and `CURLOPT_SSL_VERIFYPEER=2`, [otherwise your connection is vulnerable to MITM attacks](http://stackoverflow.com/a/13742121/372643). You will indeed to set up `CURLOPT_CAINFO` (or `CAPATH`) correctly for this too. – Bruno Nov 21 '14 at 10:58