0

I am trying to get PHP Curl working using the following code: I own the domain that is using the api and I can make any changes to the server that it is running on.

<?php
ini_set('display_errors',1);
ini_set('display_startup_errors',1);
error_reporting(-1);

$data = array("username" => "derped", "authid" => "987654321", "ipaddress" => "1.2.3.4", "apikey" => "1234567829");
$data_string = json_encode($data);
$url = 'https://www.somedomain.com/test/api.php';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: Content-Type: text/html'));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
if(curl_exec($ch) === false)
{
    echo curl_error($ch);
}
else
{
    echo 'ok';
}

curl_close($ch);

$received = json_decode($result);
$check = $received->{'good'};
echo $result;
echo $check;
?>

Curl returns the error: Peer reports it experienced an internal error. When I curl the domain itself (https://www.somedomain.com) it returns the same error. Even when I use curl via the terminal it returns the 35 error, but when I try to curl the domain without HTTPS it returns the 302 found but since my domain is https only this will not be the solution, it just echos the move page. I know this has something todo with curl using https but https://www.google.com works so I dont know where to start...

Ecluniam
  • 1
  • 2
  • your certificate, is it self-signed? you may need to set verifypeer and/or verifyhost as 0... – Aaron Gong Oct 20 '15 at 05:18
  • the certificate is an official one (Comodo), I have supplied the ca in my SSL build. After adding your suggestion to the code it returns: Cannot communicate securely with peer: no common encryption algorithm(s). Will check the error. – Ecluniam Oct 20 '15 at 05:25

3 Answers3

0

Below is an answer in from php.net. Apparently it should help solve the unknown protocol issue...

If you get an error with the error code 35 saying "Unknown SSL protocol error in connection to ...", maybe you are using the wrongs ciphers.

Try to precise a bunch of ciphers as below:

$arrayCiphers = array(
    'DHE-RSA-AES256-SHA',
    'DHE-DSS-AES256-SHA',
    'AES256-SHA:KRB5-DES-CBC3-MD5',
    'KRB5-DES-CBC3-SHA',
    'EDH-RSA-DES-CBC3-SHA',
    'EDH-DSS-DES-CBC3-SHA',
    'DES-CBC3-SHA:DES-CBC3-MD5',
    'DHE-RSA-AES128-SHA',
    'DHE-DSS-AES128-SHA',
    'AES128-SHA:RC2-CBC-MD5',
    'KRB5-RC4-MD5:KRB5-RC4-SHA',
    'RC4-SHA:RC4-MD5:RC4-MD5',
    'KRB5-DES-CBC-MD5',
    'KRB5-DES-CBC-SHA',
    'EDH-RSA-DES-CBC-SHA',
    'EDH-DSS-DES-CBC-SHA:DES-CBC-SHA',
    'DES-CBC-MD5:EXP-KRB5-RC2-CBC-MD5',
    'EXP-KRB5-DES-CBC-MD5',
    'EXP-KRB5-RC2-CBC-SHA',
    'EXP-KRB5-DES-CBC-SHA',
    'EXP-EDH-RSA-DES-CBC-SHA',
    'EXP-EDH-DSS-DES-CBC-SHA',
    'EXP-DES-CBC-SHA',
    'EXP-RC2-CBC-MD5',
    'EXP-RC2-CBC-MD5',
    'EXP-KRB5-RC4-MD5',
    'EXP-KRB5-RC4-SHA',
    'EXP-RC4-MD5:EXP-RC4-MD5');
curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, implode(':', $arrayCiphers));

Worked for me, could work for you! P.S: Used with PHP 5.4 and cURL 7.26.0.

Community
  • 1
  • 1
Aaron Gong
  • 977
  • 7
  • 18
  • I will try to match the cipher order I have configured in my box, will post back the results. – Ecluniam Oct 20 '15 at 05:34
  • Unfo it returns unknown cipher list; i just upgraded curl to 7.45 thinking it would fix ssl issues since my version was 7.29 but no cigar... still the Cannot communicate securely with peer: no common encryption algorithm(s) error. Instead of using curl would fsocket or fopen be an good alternative since I only need to post one chunk of encrypted data. Also checked my firewall; 443 is allowed in and out – Ecluniam Oct 20 '15 at 07:06
  • You want to try file_get_contents first and do a simple test on the API? The function can be set to do a POST. – Aaron Gong Oct 20 '15 at 07:13
0

Unable to get Curl working I decided to use file_get_contents and stream_context_create.

For those interested in an alternative:

Client:

$data = new stdClass();
$data->apikey = "1234567890";

$json_data = json_encode($data);

$post = file_get_contents('http://URL/api.php',null,stream_context_create(array(
    'http' => array(
        'method'           => 'POST',
        'content'          => $json_data,
    )
)));

if ($post) {
    echo $post;
} else {
    echo "POST failed";
}

API/Webservice:

$receive = fopen('php://input', 'r');
$received = stream_get_contents($receive);
$data = json_decode($received);
$apikey = $data->{'apikey'};
If($apikey == 1234567890)
{
    $response = array("good" => true);
    $goresponse = json_encode($response);
    print_r($goresponse);
}
else
{
    $response = array("good" => false);
    $goresponse = json_encode($response);
    print_r($goresponse);
}

Note that these are the basics, the stream would prob. need more arguments depending on the webservice restrictions, good luck!

Ecluniam
  • 1
  • 2
0
$arrayCiphers = array(
    'DHE-RSA-AES256-SHA',
    'DHE-DSS-AES256-SHA',
    'AES256-SHA:KRB5-DES-CBC3-MD5',
    'KRB5-DES-CBC3-SHA',
    'EDH-RSA-DES-CBC3-SHA',
    'EDH-DSS-DES-CBC3-SHA',
    'DES-CBC3-SHA:DES-CBC3-MD5',
    'DHE-RSA-AES128-SHA',
    'DHE-DSS-AES128-SHA',
    'AES128-SHA:RC2-CBC-MD5',
    'KRB5-RC4-MD5:KRB5-RC4-SHA',
    'RC4-SHA:RC4-MD5:RC4-MD5',
    'KRB5-DES-CBC-MD5',
    'KRB5-DES-CBC-SHA',
    'EDH-RSA-DES-CBC-SHA',
    'EDH-DSS-DES-CBC-SHA:DES-CBC-SHA',
    'DES-CBC-MD5:EXP-KRB5-RC2-CBC-MD5',
    'EXP-KRB5-DES-CBC-MD5',
    'EXP-KRB5-RC2-CBC-SHA',
    'EXP-KRB5-DES-CBC-SHA',
    'EXP-EDH-RSA-DES-CBC-SHA',
    'EXP-EDH-DSS-DES-CBC-SHA',
    'EXP-DES-CBC-SHA',
    'EXP-RC2-CBC-MD5',
    'EXP-RC2-CBC-MD5',
    'EXP-KRB5-RC4-MD5',
    'EXP-KRB5-RC4-SHA',
    'EXP-RC4-MD5:EXP-RC4-MD5');

curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, implode(':', $arrayCiphers));
Yulio Aleman Jimenez
  • 1,642
  • 3
  • 17
  • 33
faggotrino
  • 1