I have received a JKS file encrypted with Password from a financial institution. The API uses port 444. When I use the JKS file and password with SoapUI (Preferences -> SSL Settings -> KeyStore [File] + KeyStore Password), I am able to send and receive XML request and responses. Without JSK file and password if I try to access the URL, then the browser does not load the API page.
After installing the file and providing the password to browser (Firefox -> Options -> Advance -> View Certificate -> Import); the page result shows Not proper request' [XML format] (That is able to access the page with certificate).
I converted the file to P12/PEM (using: keytool -importkeystore -srckeystore keystore.jks -srcstoretype JKS -deststoretype PKCS12 -destkeystore keystore.p12) - and it works same as above (for both SoupUI and Browser).
Now I like to use this file (JKS/PEM) file in my PHP code on IIS development server and Apache-Production server. During execution I am getting: Error: SSL certificate problem: unable to get local issuer certificate.
Note: The same JKS file with same password is used by another vendor with Python environment is working fine.
Please suggest a solution.
Thank you.
First need to convert the JKS file to PEM which could be used by your PHP code.
Then this should do:
$options = array(
CURLOPT_RETURNTRANSFER => true, // return web page
CURLOPT_PORT => <Port#>, //Post
CURLOPT_CAPATH => $ca_path, //CA Path ***and not filename
CURLOPT_CAINFO => $cert_file, //Certificate File
CURLOPT_SSLCERT => $key_file, //SSL file
CURLOPT_SSLKEYPASSWD => $key_password, //Public Key
CURLOPT_HTTPHEADER => $aHeaders, //Header
CURLOPT_POST => 1, //Send POST
CURLOPT_POSTFIELDS => $xml, //To Fetch Data
CURLINFO_HEADER_OUT => $properties, //Application's Username and password
);
$ch = curl_init($url);
curl_setopt_array($ch, $options);
$content = curl_exec($ch);
$err = curl_errno($ch);
$errmsg = curl_error($ch);
$header = curl_getinfo($ch);
curl_close($ch);
$header['errno'] = $err;
$header['errmsg'] = $errmsg;
$header['content'] = $content;