I'm trying to send an SSL certificate with a soap message to a server and have only just managed to make cURL accept the certificate (.pem file spit out by putting a .pfx file through OpenSSL) and not return "unable to set private key file" (evidently the private key must keep its 'bag attributes'), however it's now returning exciting new errors:
SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
I've tried setting the CA certificate with:
curl_setopt($soap_do, CURLOPT_CAINFO, $caFile);
But this yields no results with the root nor the intermediate ca files I have.
Disabling this check with:
curl_setopt($soap_do, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($soap_do, CURLOPT_SSL_VERIFYPEER, 0);
brings me to the new problem:
error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
This has been a thorn in my side for weeks now and while new error messages mean changes I'm not sure it means progress. Any advice or suggestions as to what is missing/I am doing wrong would be greatly appreiciated.