Ignoring SSL certificate in Zend php

0
votes

I am trying to make an API request which is on a remote windows 2008 server R2, from my Zend client, and everytime I try to do it, I get the following errors:

Message: Unable to enable crypto on TCP connection wvm024.dei.isep.ipp.pt

And: Previous exceptions:

ErrorException File: C:\Program Files (x86)\Zend\ZendServer\data\apps\http__default__\0\TukPorto\1.0.0_118\TukPorto\vendor\zendframework\zendframework\library\Zend\Http\Client\Adapter\Socket.php:281 Message: stream_socket_enable_crypto(): Peer certificate CN=wvm024.wvdom024.dei.isep.ipp.pt' did not match expected CN=wvm024.dei.isep.ipp.pt'

The code I have for that is the following: 

    $username = WebApiServices::$username;
    $password = WebApiServices::$password;

    $enderecoBase = WebApiServices::$enderecoBase;

    $httpClientOptions = array(
        'adapter'      => 'Zend\Http\Client\Adapter\Socket',
        'persistent'=>false,

        'sslverifypeer' => false,
        'sslallowselfsigned' => true,
        'sslusecontext'=>true,

        'ssl' => array(
            'verify_peer' => false,
            'allow_self_signed' => true,
            'capture_peer_cert' => true,
        ),

        'useragent' => 'Feed Reader',
    );


    $client = new Client($enderecoBase . '/Token');
    $client->setOptions($httpClientOptions);
    $client->setMethod(Request::METHOD_POST);
    $data = "grant_type=password&username=$username&password=$password";
    $len = strlen($data);
    $client->setHeaders(array(
        'Content-Type' => 'application/x-www-form-urlencoded',
        'Content-Length' => $len
    ));

   $client->setOptions([
      'sslverifypeer' => false,
 ]);
    $client->setRawBody($data);
    $response = $client->send();
    $body = Json::decode($response->getBody());
    if (! empty($body->access_token)) {
        if (! isset($_SESSION)) {
            session_start();
        }
        $_SESSION['access_token'] = $body->access_token;
        $_SESSION['username'] = $username;
        return true;
    } else
        return false;
1
phpsslzend-frameworkssl-certificate
Instead of ignoring SSL certificate, you need to issue server certificate (on Windows machine) with proper name: CN=wvm024.dei.isep.ipp.pt.Crypt32
And how would I be able to do that? Every time I generate on the windows machine the server certificate, it comes as wvm024.wvdom024.dei.isep.ipp.pt' which is the machine full name, where I would like it without the wvdom024 partJosé Pinho
Provide a custom subject name during certificate enrollment.Crypt32
Do you try the curl adapter ? framework.zend.com/manual/2.4/en/modules/…B.Asselin

1 Answers

0
votes

It is possible to use a CURL adapter, e.g. in ZF1:

<?php
$config = array(
    'adapter'     => 'Zend_Http_Client_Adapter_Curl',
    'curloptions' => array(CURLOPT_SSL_VERIFYPEER => false),
);

$client = new Zend_Http_Client($url, $config);
$result = $client->request('GET');