PHP cURL https no error, not working

Question

I'm really confused by this. My company recently switched this URL to https, and I can no longer make cURL requests against it. No one else in the company does PHP, so there's no one to help me debug.

I don't have much experience with https, so I read through a bunch of posts on here and found a few that addressed this same issue, namely, this one:

Can't connect to HTTPS site using cURL. Returns 0 length content instead. What can I do?

At first, I was getting all sorts of errors related to security certificates, but after adding curl.cainfo="c:\xampp\htdocs\login\cacert.pem" to my php.ini file, I believe I have resolved those as I am not getting errors anymore, but I am still not getting back a successful login response.

As part of the process, I need to pass a cookie to the server, which is present. echo $strCookie gives back the correct cookie data, so I don't think it's that.

$searchURL = "https://url.com/valid?";

$ch = curl_init();             
curl_setopt($ch, CURLOPT_URL, $searchURL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);   
$strCookie = 'testcookie=' . $_COOKIE['testcookie'] . '; path=/';    
curl_setopt( $ch, CURLOPT_COOKIE, $strCookie ); 
curl_setopt($ch, CURLOPT_CAPATH, "\cacert.pem");
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

    if($answer = curl_exec($ch))
{
    echo "<pre>";
    print_r($answer);
    echo "</pre>";
}
else
{    
    echo "<pre>";
    echo 'Curl error: ' . curl_error($ch);
    echo "</pre>";
}

If I put the url into my browser (url.com/valid?), I get back boolean = true, so I know I am logged in. However, this script is returning boolean = false and I cannot figure out why.

Here are the headers:

TTP/1.1 200 OK
Date: Mon, 09 Nov 2015 21:33:16 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Length: 14
Content-Type: text/plain; charset=UTF-8
X-Powered-By: Servlet/2.5 JSP/2.1
Set-Cookie: amlbcookie=01; domain=.****.com; path=/
Vary: User-Agent,Accept-Encoding

I'm confused by the Set-Cookie: amlbcookie=01 line, as I'm not sure what that cookie is. It does not match the output I get from echo $strCookie.

just a guess but you should probably not run `curl_exec` twice instead run it once and then check against what it returns. — cmorrissey, Nov 09 '15 at 21:34
I wasn't sure how to do that since I don't define it prior to `if(curl_exec($ch) == false)` - the only way I knew of to output it was to assign to to a variable `$answer`, then `print_r` that. — Brian Powell, Nov 09 '15 at 21:37
try something like `if($answer = curl_exec($ch)){ //no error } else { //error }` — cmorrissey, Nov 09 '15 at 21:39
ok cool - that works. Good catch. I'm still getting the same response though - `boolean = false`, so the issue still remains :) — Brian Powell, Nov 09 '15 at 21:40
have you attempted setting `CURLOPT_SSL_VERIFYPEER` to `false` ? — cmorrissey, Nov 09 '15 at 21:44
try adding `curl_setopt($ch, CURLOPT_FAILONERROR, FALSE); curl_setopt($ch, CURLOPT_HEADER, TRUE);` before your execute and see if that gives you any direction — iam-decoder, Nov 09 '15 at 21:44
@cmorrissey - yes. I believe I need to verify. Without it, I still get the same server response so I really can't say. The query doesn't return "true" whether I turn this to TRUE or FALSE. — Brian Powell, Nov 09 '15 at 22:02
@iam-decoder - the query isn't failing, it's going through, it's just giving me `boolean = false` to signify I'm not signed in. The headers I have in my post are from `CURLOPT_HEADER`. — Brian Powell, Nov 09 '15 at 22:03
does the cookie contain the information necessary to tell if you're logged in? or does the server itself manage that? — iam-decoder, Nov 09 '15 at 22:12
@BrianPowell then that's your problem, you need to send something that the server can use to recreate the client's session for the call. When CURLing, it's creating a new instance where the server is asking the server for information. — iam-decoder, Nov 09 '15 at 23:15

PHP cURL https no error, not working

0 Answers0