How can I access the Puppet API using PHP

Question

I am trying to get a PHP script to access the Puppet API. I have spent 2 days searching and cannot believe that I cant find any info whatsoever (only puppet modules for installing PHP).

I am just trying to use PHP and curl but I am not able to get any kind of response, error or anything. Here is my (very basic) attempt to get the cert from the puppet master:

function get_data($url) {

    $request_headers = array();
    $request_headers[] = 'Accept: s';

    $ch = curl_init();
    $timeout = 5;
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $request_headers);
    $data = curl_exec($ch);
    curl_close($ch);
    return $data;
}    
    $response = get_data('https://<puppet master>:8140/production/certificate/ca');

All I am trying to replicate is a curl call that works from my server:

curl -k -H "Accept: s" https://<puppet master>:8140/production/certificate/ca

I have a feeling that there is probably something obvious I am missing but, I cannot figure it out.

So... why don't you set that `Accept: s` header in your PHP script? — Wrikken, Dec 10 '14 at 22:38
Doh, I missed adding that to my question, thanks for pointing that out (edited). I still get no response data. — omeek, Dec 10 '14 at 22:45
OK, next one from the commandline not included: set `CURLOPT_SSL_VERIFYPEER` to false. If that still doesn't work, try `curl_error($ch);` to make it show you why it fails. — Wrikken, Dec 10 '14 at 22:49
Wrikken, that did the trick! Thank you very much. I think my frustration kept me from seeing the issue. — omeek, Dec 10 '14 at 22:56

omeek · Accepted Answer · 2014-12-10T23:09:12.810

0

Thank to Wrikken and Glen for getting me on track. Once I set the curl_setopt options correctly, it works as expected.

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($ch, CURLOPT_CAINFO, "/path/to/cacert.pem");

edited Dec 10 '14 at 23:09

answered Dec 10 '14 at 22:57

omeek

1
3

1

Just a heads up, not verifying the SSL cert used in the connection could make you vulnerable to certain man-in-the-middle type attacks on your API requests. Check out [this answer](http://stackoverflow.com/a/18972719/3147637) on SO for a possible solution without using the above method. – Glen Dec 10 '14 at 22:59
Thanks for the heads up Glen. I will continue to work on getting it coded properly now that I at least have something to work with. You guys are very helpful! UPDATE: Glen, that post was very helpful and I now have it working properly. Once again, thank you (and Wrikken)! – omeek Dec 10 '14 at 23:02

How can I access the Puppet API using PHP

1 Answers1