Curl giving an error

I’m trying to pass get variables through an HTTPS url to generate xml code and parse the xml to grab an element’s attribute (total_charge) value and turn that into a php variable called $shippingcost. I have the following code and I’m getting the following error. (I have the file names as .pem but I just changed the file extensions of the actual ssl and rsa key files as they had .cabundle extensions for some reason. So I’m not sure if I did that right.)

                $xml = '
				weight_system="IMPERIAL" shipper_number="000222000" destination_postal_code="'.$data5['zip'].'" service_type="1"
			$xml2 = '
				total_pieces="'.$value.'" total_weight="'.$weight.'"
			$token = 'token_here'; 
			$base_url = ''; 

			$request_url = $base_url . '?' . http_build_query(array(
    			'shipment' => '<shipment ' . $xml . '><total ' . $xml2 . '/></shipment>',
    		 	'token' => $token
			// Get cURL resource
			$curl = curl_init();
			// Set some options - we are passing in a useragent too here
			curl_setopt($curl, CURLOPT_URL, $request_url);
			curl_setopt($curl, CURLOPT_VERBOSE, 1);
			curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
			curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
			curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
			curl_setopt($curl, CURLOPT_CAINFO,  '/home/username/ssl/certs/ca.crt');
			curl_setopt($curl, CURLOPT_SSLCERT, '/home/username/ssl/certs/cert.pem');
			curl_setopt($curl, CURLOPT_SSLCERTPASSWD, 'password_here');
			curl_setopt($curl, CURLOPT_SSLKEY, '/home/username/ssl/certs/key.pem');
			curl_setopt($curl, CURLOPT_SSLKEYPASSWD, 'password_here');
			// Send the request & save response to $result
			$result = curl_exec($curl);
			echo curl_error($curl);
			// Close request to clear up some resources

The error,

SSL certificate problem: self signed certificate in certificate chain

Here is an example of what the xml code would look like when generated. I got this example by entering test get variables into the url and pasting the url in the browser url bar.

<rating xmlns:xsi="" 
<rate weight="5.0" weight_unit="lb" zone="3" transit_time="1" transit_time_guaranteed="false" estimated_delivery_date="2013-07-30" base_charge="11.05" freight_charge="11.05" residential_address_charge="2.75" net_charge="13.80" fuel_surcharge_rate="17.3" fuel_surcharge="1.91" subtotal_charge="15.71" on_hst_charge="2.04" total_charge="17.75"/>

Under the php.ini file I added the following,

extension = php_curl.dll
allow_url_fopen = On

I have an RSA key, SSL cert, CA cert and one password. I have no clue how to find out how to fix this error because I don’t know what’s causing it. I was searching on Google and I came across some posts about concatenating the rsa key, ssl cert and ca cert chained into one file and convert it to .pem and doing all this in the curl command line. However, I don’t know where the curl command line is, should it be under my hosting account somewhere? I have a shared LINUX hosting account and I’m not sure which icon to click from cPanel to open this curl command line to enter commands. How would I then convert the file to .pem? Can I just change the extension of the file to .pem? If all the certs are concatenated on one file then do I need these lines, CURLOPT_CAINFO, CURLOPT_SSLCERT, CURLOPT_SSLCERTPASSWD?

Does the curl code on the php page above need to be present if I have access to the curl command line from my hosting account and start entering commands in there or are both commands and the code above needed together to make what I’m trying to do work. Also alot of people were mentioning libcurl, Where do I find that in my hosting account.

Is there a definitive answer to the error I’m getting shown above, I don’t really understand what it means and where the problem is. If there is something wrong that I’m doing in my code, please let me know as well. Thanks!

The “quick fix” is probably to change this line to set it to 0 (or false)
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);

but that’s more of a hack and doesn’t address the real issue. Still, you should try that and see if it gets you closer, then check out the advice in this comment:

If your PHP installation doesn’t have an up-to-date CA root certificate bundle, download the one at the curl website and save it on your server:

Then set a path to it in your php.ini file, e.g. on Windows:


Not sure if that will do it for you but try it out and let us know what happens.

Hey thanks for the reply, i ended up using simplexml_load_file() and that worked like a charm now i have to figure out how to parse the xml data.