The website is saying "You are not authenticated with digital certificate, or possibly the connection time expired. Authenticate again with your digital certificate.".
I have gotten this message every time, so rather than connection time expiring, I think that my attempt of authenticating is just not working.
The way I am doing this is I start with just a pfx file, and a passphrase to open it. I make the pem certificate with openssl and the pfx.
<?php $pfx_path = 'me.pfx'; $pfx_pass = 'foopass123'; $pfx_values = ; openssl_pkcs12_read(file_get_contents($pfx_path), $pfx_values, $pfx_pass); $cert_path = 'me.pem'; file_put_contents($cert_path, $pfx_values['cert'] . " " . $pfx_values['pkey']); $postfields = 'field1=val1&field2=val2&field3=val3'; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL , 'https://www.example.com'); curl_setopt($ch, CURLOPT_POST , true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POSTFIELDS , $postfields); curl_setopt($ch, CURLOPT_SSLCERT , $cert_path); curl_setopt($ch, CURLOPT_VERBOSE, 1); $curl_result = curl_exec($ch); $curl_info = curl_getinfo($ch); curl_close($ch);
Result of executing the code (showing just a quote of the HTML of $curl_result):
You are not authenticated with digital certificate, or possibly the connection time expired. Authenticate again with digital certificate.
By the way,
$curl_info['ssl_verify_result'] is 0, which I guess means that at least the server was correctly authenticated.
CURLOPT_SSLCERTPASSWD because it's not necessary, the pfx file was already open with the password, and its private and public key were put naked into