andy1212

well they gave me a path to the certs and they put them on my server but now I have that error described above. or will that code not work even if I have the password for this line of code curl_setopt($ch, CURLOPT_SSLCERTPASSWD, 'password');

Ok I have this code now and I'm getting the following error, code // Get cURL resource $curl = curl_init(); // Set some options - we are passing in a useragent too here curl_setopt($curl, CURLOPT_URL, $request_url); curl_setopt($curl, CURLOPT_RETURNTRANSFER,1); curl_setopt($curl, CURLOPT_VERBOSE, '1'); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, '1'); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, '1'); curl_setopt($curl, CURLOPT_CAINFO, getcwd().'//public_html/cert/cabundle.txt'); curl_setopt($curl, CURLOPT_SSLCERT, '/public_html/cert/sslkey.txt'); // Send the request & save response to $resp $result = curl_exec($curl); echo curl_error($curl); // Close request to clear up some resources curl_close($curl); error, unable to use client certificate (no key found or wrong pass phrase?) Is it because I don't specify the password in the curl code?

Ok so this is what my host said when I tried asking for the absolute path to the ssl cert, I am afraid that you do not have access to the SSL certificate files installed for your account in a shared server environment. So I'm not sure what to do now..

also do I need to put the ssl password in the curl code like they have in this example? curl_setopt($curl, CURLOPT_SSLCERTPASSWD, 'password'); or is that unsafe to do that

They setup the ssl cert and I set up the redirects in the .htaccess to allow certain pages to be secured including the shopping cart page. So Now that the shopping cart page is ssl secured or has the https in the url do I still need to put the path to the certificate in the curl code I posted above or will curl be able to grab the xml data now without an ssl error. no I don't have dedicated hosting it is shared so they control the box, but I'm wondering where I'd find the path to the ssl cert now, if I need that to put in the curl. Thanks!

For instance if you go to google search its an http page with no ssl encryption. Then if you go to gmail.com to login it is https and ssl encrypted. And thats the way alot of successful websites do it so there must be a reason behind it and the best reason ive found is because of the speed with https and http.

Because i dont want the whole website encrypted and decrypted and slowed down on the account of https, i just want pages where sensitive information is transfered to be https.

ok thanks

hey thanks for the reply, I ended up putting them in their own folder and I'll do the apache redirect for that folder. Thanks! I tried marking you both as solved but didn't work, only would let me mark one.

would the https pages need to be in a seperate folder or can this be done without putting the pages that I want https in a separate folder but instead in the same place as http pages. btw thanks for the reply!

well i don't want to redirect all traffic to https just some pages I'd like to change from http to https when viewed. Can that be don't through apache redirect?

So I'm trying to test out a calculator just to play around with php and I can't seem to get the calculator to do any math. When I test out just adding, subtracting, multiplying numbers like this, $test = 1+2*4-5; and echo $test it shows the result which is 7. But when I make a form and allow myself to enter in numbers, it's like it doesn't recognize the variables as numbers. Here's the code I have, <? if (isset($_POST['item_name'], $_POST['item_price'], $_POST['item_age'], $_POST['conditiondrop'])) { $item_name = $_POST['item_name']; $item_price = $_POST['item_price']; $item_age = $_POST['item_age']; $condition = $_POST['conditiondrop']; $errors = array(); $value1 = intval(strval($item_age*0.1)); if ($condition == 'excellent') { $value = intval(strval($item_price-$value1)); } if ($condition == 'good') { $value = intval(strval($item_price-$item_price*0.05+$value1)); } if ($condition == 'ok') { $value = intval(strval($item_price-$item_price*0.1+$value1)); } if ($condition == 'needstlc') { $value = intval(strval($item_price-$item_price*0.2+$value1)); } } ?> Cost Calc: <form action="" method="post"> item name:<br /> <input type="text" name="item_name" /><br /> item purchase price:<br /> <input type="text" name="item_price" /><br /> item age:<br /> <input type="text" name="item_age" /><br /> item condition:<br /> <select name="conditiondrop"> <option name="excellent">excellent condition</option> <option name="good">good condition</option> <option name="ok">ok condition</option> <option name="needstlc">needs some tlc</option> </select><br /> <input type="submit" /> </form><br /><br /> <? echo $item_name.'<br />'. $condition.'<br />'. $value1.'<br />'. $value ; ?> So I can echo out item_name and condition fine but value1 and value don't get echoed out. Thanks for your time and help in advance.

... cricket, cricket

I just purchased an SSL cert and dedicated IP and the way I set it up before was that I'd put this code at the top of each page, for non https pages: if ($_SERVER['SERVER_PORT']!=80) { $url = "http://".$_SERVER['SERVER_NAME'].":80".$_SERVER['REQUEST_URL']; header('Location: $url'); } for https pages if ($_SERVER['SERVER_PORT']!=443) { $url = "http://".$_SERVER['SERVER_NAME'].":443".$_SERVER['REQUEST_URL']; header('Location: $url'); } So doing that before was a big job because I had to go into every page add the code at the top and then save and upload to the server and now when trying to do that it doesn't seem to be working properly. But I did some searching and alot of people say that you don't need to set it up with any pages it needs to be setup on the server, so I really want to know how to do it that way. I couldn't find a tutorial on how to do this but If someone knows of one or knows how to accomplish setting up the SSL cert with a website and can give me steps on how that would be great. Pretty much I just want to have the login, register, forgot pass, account and shopping cart pages to all start with https and show that the pages are secured with the key or box in the url bar of the browser and all my backend pages to have that too and all the other pages just have http. Thanks for your time and help in advance.

Ok I ended up purchasing an SSL and dedicated IP because I'm scared to use one of the free SSL certs encase they decide that I need to upgrade and start paying for one so I just purchased one with the hosting company I have a reseller account with. So I still am not sure about a couple things with the code I added above.

Oh ok, ya I was hoping I wouldn't have to purchase an ssl and dedicated ip again but i guess i'll have to. so I got this code from your link and I'm wondering about where I would put certain things, curl_setopt($curl, CURLOPT_VERBOSE, '1'); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, '1'); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, '1'); // for this line, what would go here? curl_setopt($curl, CURLOPT_CAINFO, getcwd().'/cacert/cacert.pem'); // for this line, does the path to my free or purchased ssl certificate go here? curl_setopt($curl, CURLOPT_SSLCERT, getcwd().'/cacert/cacert.pem'); curl_setopt($curl, CURLOPT_SSLCERTPASSWD, 'password'); I found certificate here, http://curl.haxx.se/ca/cacert.pem that I thought I might be able to use as a certificate but I'm wondering if it's even working the way I have it setup. I just copied the whole cert and pasted it into notepad, saved it as .pem and put it in it's own directory on the server called cacert. So then I was just calling the path in CURLOPT_CAINFO, 'home/website/public_html/cacert/cacert.pem'; but I guess that wasn't working. Where can I find a free self-signed cert, just type free ssl certs in google search? Would a password come with it too. Thanks again for your help

If I don't use https I get this error on the url page https protocol must be used So i think I have to go with https. So in that case, how would I set up the SSL settings.

Ok so that works for the request_url variable I tried echoing it and copy and pasting the url into the browser url bar and it worked to pull up the xml data. Now to get curl to bring back the xml data is I guess what's not happening. I echoed out, echo curl_error($curl); and have this message, error setting certificate verify locations: CAfile: /home/website/public_html/cacert/cacert.pem CApath: none

Yeah I did that already, when urlencoding it, I echoed out $request_url and tried copy and pasting that url manually into the url bar in the browser and it have an error and no xml data would be produced. So I tried htmlentities and did the process again and xml was produced so if I encode the variables, they won't be passed through the url properly to generate the xml data I need so that I can grab that data and parse it to get the total shipping cost. The problem I'm having is that the curl code gives me those errors that I listed above and it's really frustrating because I've looked all over the internet to find a solution to this problem and have had no luck. So I must be doing something wrong with the curl code but I'm not sure what. I'm no expert at php btw but I'm learning as I go. Any help with this is appreciated so I can figure this out! Thanks

When I take out these to lines of code, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => 2, I get this error error setting certificate verify locations: CAfile: /home/website/public_html/cacert/cacert.pem CApath: none

I'm trying to grab xml data from a url that I pass get variables through and I get this error when trying to echo out the results. org.xml.sax.SAXParseException: Premature end of file. I'd also like to parse the xml data once it is recognized but the first priority is to recognize or at least let me know that the code is working. Here is the code I have below and I'm trying to get a shipping cost for an item and the necessary information that needs to be passed through the url to the shipping company's custom shipping rate calculator uses the get variables to calculate the exact shipping cost. When I use an example link and just add in some get variables manually and then enter it into the browser's url bar, the xml data shows up fine and there is the total amount for shipping but I don't understand why I can't get curl to do it. Thanks for your time! $xml = 'weight_system="IMPERIAL" shipper_number="000222000" destination_postal_code="'.$data5['zip'].'" service_type="1" '; $xml2 = ' total_pieces="'.$value.'" total_weight="'.$weight.'" '; $token = 'KFSSAFD4DSE'; $base_url = 'https://www.shippingco.com/XML/RatingXML.jsp'; $request_url = $base_url . '?'.htmlentities('shipment=<shipment ' . $xml . '><total ' . $xml2 . '/></shipment>&token=' . $token); // Get cURL resource $curl = curl_init(); // Set some options - we are passing in a useragent too here curl_setopt_array($curl, array( CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => 2, CURLOPT_CAINFO => '/home/website/public_html/cacert/cacert.pem', CURLOPT_RETURNTRANSFER => 1, CURLOPT_URL => $request_url, CURLOPT_USERAGENT, 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)', CURLOPT_FAILONERROR => false )); // Send the request & save response to $resp $result = curl_exec($curl); echo curl_error($curl); echo $result; // Close request to clear up some resources curl_close($curl);