I'm having problems getting PHP XML-RPC working over SSL; it all works
fine over port 80.  I suspect I'm struggling because my certificates are
messed up.

This is the error message I'm getting:

"CURL error: couldn't use certificate!"

The server's apache access_log and error_log don't display anything, so
I'm assuming that it's going wrong on the client - presumably because
I've set the certificates up incorrectly for CURL.

This is what I'm doing.

1. Create a certificate request and key for the server:

openssl req -new > server.cert.csr

2. Remove the passphrase:

openssl rsa -in privkey.pem -out server.cert.key

3. Convert request into a self-signed cert:

openssl x509 -in server.cert.csr -out server.cert.cert -req -signkey \
server.cert.key -days 365

4. Add the following directives to httpd.conf:

SSLCertificateFile /path/to/certs/server.cert.cert
SSLCertificateKeyFile /path/to/certs/server.cert.key
SSLCACertificateFile /path/to/certs/my.CA.cert
SSLVerifyClient 3

5. Create a certificate request and key for the client:

openssl req -new > client.cert.csr

6. Remove the passphrase:

openssl rsa -in privkey.pem -out client.cert.key

7. sign the client request with the CA key:

openssl x509 -req -in client.cert.csr -out client.cert.cert -signkey \
server.cert.key -CA server.cert.cert -CAkey server.cert.key \
-CAcreateserial -days 365

8. Use the following in my XML-RPC call:

$server = new xmlrpc_client("test.php",$inet,443);
$result = $server->send($message,10,"https");

Anyone got any ideas?

tia, josh.

Josh Howlett, Network Support Officer,
Networking & Digital Communications,
Information Systems & Computing,
University of Bristol, U.K.
0117 928 7850 | [EMAIL PROTECTED]

For information about how to subscribe and unsubscribe from this list
visit http://xmlrpc.usefulinc.com/list.html

Reply via email to