user99999999 Posted April 27, 2004 Share Posted April 27, 2004 <?php //Filename: curl_test.php $ch = curl_init(); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //Uncomment this for Windows. //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_URL, "https://www.stanford.edu/group/idg/leland/samples/secure/test.html"); $result = curl_exec($ch); echo '<pre>'; print_r(curl_getinfo($ch)); echo '</pre>'; echo 'Errors: ' . curl_errno($ch) . ' ' . curl_error($ch) . '<br><br>'; curl_close ($ch); echo $result . 'EOF'; ?> Link to comment Share on other sites More sharing options...
Guest Posted April 27, 2004 Share Posted April 27, 2004 the thing that would go great with this, is the steps to setup curl if it fails. Link to comment Share on other sites More sharing options...
user99999999 Posted April 27, 2004 Author Share Posted April 27, 2004 Well Assuming you have a working Apache/PHP/mysql installation on Windows. Un comment the curl extension in windows/php.ini extension=php_curl.dll Copy the dlls from php/dlls to windows system dir. libeay32.dll and ssleay32.dll are needed by curl for SSL. Restart Apache Check phpinfo() Run the test script. Link to comment Share on other sites More sharing options...
Guest Posted April 28, 2004 Share Posted April 28, 2004 Don't forget the following in php.ini: ; Directory in which the loadable extensions (modules) reside. extension_dir = C:\php\extensions Link to comment Share on other sites More sharing options...
fredfillah Posted April 29, 2004 Share Posted April 29, 2004 I do the same kind of thing, but from a remote server. A failure triggers an email to my cell phone. The other thing that I do is take the results from cURL and parse for specific content that is dynamically generated from the DB. It's more likely to detect a MySQL failure. That way I have more of a functional test (end-to-end). There's also a bunch of *free* monitoring services out there. Try http://www.internetseer.com/home/index.xtp -Fred -Fred Link to comment Share on other sites More sharing options...
user99999999 Posted April 30, 2004 Author Share Posted April 30, 2004 New test shows how to correctly verify certificates by downloading the ca-bundle.crt. The ca-bundle.crt is not included with php/curl for windows but current versions of curl have verifypeer set to true causing the curl connection to fail. Errors: 60 SSL certificate problem, verify that the CA cert is OK <?php //Filename: curl_test.php $ch = curl_init(); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //Disable certificate check. //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); //curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); //Enable certificate check //Download ca-bundle.crt from http://cvs.php.net/cvs.php/curl/lib/ca-bundle.crt curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_CAINFO, "c:/www/catalog/includes/ca-bundle.crt"); curl_setopt($ch, CURLOPT_URL, "https://www.stanford.edu/group/idg/leland/samples/secure/test.html"); //curl_setopt($ch, CURLOPT_URL, "https://www.paypal.com"); $result = curl_exec($ch); echo '<pre>'; print_r(curl_getinfo($ch)); echo '</pre>'; echo 'Errors: ' . curl_errno($ch) . ' ' . curl_error($ch) . '<br><br>'; curl_close ($ch); echo $result . 'EOF'; ?> Sample Result Content-type: text/html X-Powered-By: PHP/4.3.6 Set-Cookie: ZDEDebuggerPresent=php,phtml,php3 <pre>Array ( [url] => https://www.stanford.edu/group/idg/leland/samples/secure/test.html [content_type] => text/html; charset=ISO-8859-1 [http_code] => 200 [header_size] => 182 [request_size] => 167 [filetime] => -1 [ssl_verify_result] => 0 [redirect_count] => 0 [total_time] => 8.163 [namelookup_time] => 2.325 [connect_time] => 2.695 [pretransfer_time] => 7.282 [size_upload] => 0 [size_download] => 159 [speed_download] => 19.478133039324 [speed_upload] => 0 [download_content_length] => 159 [upload_content_length] => 0 [starttransfer_time] => 8.163 [redirect_time] => 0 ) </pre>Errors: 0 <br><br>HTTP/1.1 200 OK Date: Fri, 30 Apr 2004 03:50:38 GMT Server: Apache Accept-Ranges: bytes Content-Length: 159 Content-Type: text/html; charset=ISO-8859-1 Content-Language: en <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> <html> <head> <title>SSL test</title> </head> <body> <h1>SSL test</h1> Thanks for using SSL. </body> </html> EOF* About to connect() to www.stanford.edu:443 * Connected to www.LB-A.stanford.edu (171.67.16.85) port 443 * successfully set certificate verify locations: * CAfile: c:/web/pn726x/www/store/includes/ca-bundle.crt * CApath: none * SSL connection using DHE-RSA-AES256-SHA * Server certificate: * subject: /C=US/ST=California/L=Stanford/O=Stanford University/OU=ITSS/CN=www.Stanford.EDU * start date: 2003-08-25 00:00:00 GMT * expire date: 2004-08-24 23:59:59 GMT * common name: www.Stanford.EDU (matched) * issuer: /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority * SSL certificate verify ok. > GET /group/idg/leland/samples/secure/test.html HTTP/1.1 Host: www.stanford.edu Pragma: no-cache Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */* < HTTP/1.1 200 OK < Date: Fri, 30 Apr 2004 03:50:38 GMT < Server: Apache < Accept-Ranges: bytes < Content-Length: 159 < Content-Type: text/html; charset=ISO-8859-1 < Content-Language: en * Connection #0 left intact * Closing connection #0 Link to comment Share on other sites More sharing options...
buckgee Posted October 6, 2005 Share Posted October 6, 2005 * Server certificate: * subject: /C=US/ST=California/L=Stanford/O=Stanford University/OU=ITSS/CN=www.Stanford.EDU * start date: 2003-08-25 00:00:00 GMT * expire date: 2004-08-24 23:59:59 GMT * common name: www.Stanford.EDU (matched) * issuer: /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority How do you retrieve this information? Or is there a better way to report invalid server certificate? such as invalid issuer, cert expired, url in cert does not matched website url, and invalid cert name. Thanks Michael Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.