I'm trying to build a payment form that integrates with Firstdata's api. I need to post an XML string to their server. They also require a client side certificate and http authentication. My CURL set up currently looks like this:
function firstdata_send($config_param, $data) {
$config_default = array(
'test' => FALSE,
);
// settings in $config_param will overwrite settings in $config_default
$config = (object)array_merge($config_default, $config_param);
if($config->test) {
$url = 'https://ws.merchanttest.firstdataglobalgateway.com/fdggwsapi/services/order.wsdl';
}
else {
$url = 'https://ws.firstdataglobalgateway.com/fdggwsapi/services/order.wsdl';
}
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "{$config->username}:{$config->password}");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSLCERT, $config->pemfile);
curl_setopt($ch, CURLOPT_SSLKEY, $config->keyfile);
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, $config->keypass);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
$result = curl_exec($ch);
$result .= curl_error($ch);
return $result;
}
Their server responds with HTTP/1.1 401 Unauthorized
. But if I comment out the post options:
//curl_setopt($ch, CURLOPT_POST, TRUE);
//curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
I get HTTP/1.1 200 OK
. Unless I'm completely misunderstanding whats going on it seems like using post somehow interferes with the auth headers. I don't know what I'm missing.
Solved:
Turns out the ssl certificates the test account had generated were bad. I had to call their tech support and they had to regenerate the certs 3 times before the system would accept them. Sorry for wasting your time. I should have called them first. If anybody is interested the tech support number I called was (888) 477-3611. I think NomikOS was closest to being correct so I'll mark his as the answer and up vote the rest of you. Thanks again.