[RESOLVED] Problems using CURL to https using POST.

mrbaseball34

In the code below, I'm trying to pass some POST values to a secured website.

<?
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.dlis.dla.mil/WebFlis/pub/pub_search.aspx");
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, array('txtPART'=>'MS3126F10-6S'));
$returned = curl_exec($ch);
if (!$returned) {
  echo curl_error($ch); 
}
curl_close($ch);

echo $returned;

?>

I know I will eventually have to deal with the ASP.Net VIEWSTATE and
EVENTVALIDATION variables but first things first...

How do I alleviate this error:

SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL 
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Seems the United States Government doesn't keep their certs up to date.

bradgrafelman

On the contrary, they just decided to issue their own certificates. The root CA "DoD Root CA 2" isn't a common Trusted Root CA, thus cURL fails because it can't verify the chain of issuing CA's.

Either download the certificate for this root CA and tell cURL to use it to verify the root CA (e.g. by setting CURLOPT_CAINFO to point to this certificate file), or disable the verification of peer certificates altogether (via CURLOPT_SSL_VERIFYPEER).

mrbaseball34

Thanks, Brad.