PayPal IPN: unable to get local issuer certificate - perl

I am using curl to verify the PayPal IPN but it throws error: SSL certificate problem: unable to get local issuer certificate. The same code is working on development server and when I moved to client server it is not working.
DO I need to purchase ssl certification in order to make payment via PayPal express checkout or any change in my coding part or any setting need to make on server.Curl is already enabled on server. Any help will be appreciated.
My code below, and its a reduced test page for this:
$req = HAVING PARAMETERS FROM PAYPAL;
$ch = curl_init("https://www.sandbox.paypal.com/cgi-bin/webscr");
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
curl_exec($ch);
if(curl_errno($ch))
{
echo 'Curl error: ' . curl_error($ch);
}

You're telling cURL to validate the SSL connection but you're not telling it what to validate against;
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
Make sure you point to an up-to-date list of CA's to trust by adding:
curl_setopt($ch, CURLOPT_CAPATH, "./cacert.pem");
If you don't have an up-to-date cacert list yourself, I'd recommend downloading the one supplied by the cURL maintainer: cacert.pem.

You want CURLOPT_CAINFO (points to a PEM file) not CURLOPT_CAPATH (which points to a directory containing PEM files).
curl_setopt($ch, CURLOPT_CAINFO, "./cacert.pem");

Related

Where to get Ejabberd api url and host name

I am going to develop a chat application using ejabberd using ReactJs. I installed ejabberd on our server. I followed the API documentation from the below link.
https://docs.ejabberd.im/developer/ejabberd-api/admin-api/#registered-users
I want to try any api in postman before implementing. But I didn't get the API URL and host name from any of the document.
My ejabberd server admin URL is http://192.168.5.242:5280/admin
Also, I wish to use https://www.npmjs.com/package/ejabberd. But there I can see the usage of host name.
I tried so many ports instead of 5280. But not working for me.
But I didn't get the API URL and host name from any of the document.
You define the port number in the ejabberd configuration file, in the 'listen' section. For example, in my case I use 5282 for mod_http_api, and path /api:
-
port: 5282
module: ejabberd_http
request_handlers:
"/api": mod_http_api
"/bosh": mod_bosh
"/oauth": ejabberd_oauth
"/rest": mod_rest
My ejabberd server admin URL is http://192.168.5.242:5280/admin
Then, if you add the lines that I have, your url for mod_http_api would be http://192.168.5.242:5282/api
As an example call, I use this php script:
<?php
$url='localhost:5282/api/registered_users/';
$login="key";
$password='secret';
$request=null;
$info=array(
"host"=>"localhost"
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($info));
$output=curl_exec($ch);
curl_close($ch);
print_r($output);
?>
This is the result of the query:
$ php test.php
["user1","user2"]
Sniffing the network traffic, this is the query:
POST /api/registered_users/ HTTP/1.1
Host: localhost:5282
Accept: */*
Content-Length: 20
Content-Type: application/x-www-form-urlencoded
{"host":"localhost"}
and this is the response:
HTTP/1.1 200 OK
Content-Length: 17
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Authorization, X-Admin
["user1","user2"]

Neteller REST API gives an error

I've been working with neteller rest api and I came across an issue.
I am receiving this response: { "error": "invalid_client" }
My code is
$username = '**********';
$password = '*********************************';
$curl = curl_init();
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_URL, "https://test.api.neteller.com/v1/oauth2/token?grant_type=client_credentials");
curl_setopt($curl, CURLOPT_USERPWD, "$username:$password");
curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type:application/json", "Cache-Control:no-cache"));
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$serverOutput = curl_exec($curl);
echo $serverOutput;
The documentation says:
Client authentication failed (e.g., unknown client, no client authentication included, or
unsupported authentication method). The authorization server MAY return an HTTP 401
(Unauthorized) status code to indicate which HTTP authentication schemes are
supported. If the client attempted to authenticate via the "Authorization" request header
field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status
code and include the "WWW-Authenticate" response header field matching the
authentication scheme used by the client.
But I'm not sure I completely understand this..
I've tried every possible solution that I found online, but nothing works.. Is there something wrong with my CURL?
Thanks for your time.
You get this error message if your IP is blocked. Log in to the Neteller TEST merchant site (test.merchant.neteller.com). You will need to email support to get a user if you haven't already. Go to Developer / API Settings and check that the APIs are enabled and that your IPs are added.
You need to do the same thing for production (merchant.neteller.com).
It might be a header issue.
Try this as your content type:
application/x-www-form-urlencoded
This should probably solve it:
$data = array("scope" => "default");
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);

Sending mails in Marmalade for the playbook and using libcurl

I was doing a code for sending mails with the playbook and marmalade, this is my code
curl_easy_setopt(curl, CURLOPT_URL, "smtp://smtp.gmail.com:587");
//curl_easy_setopt(curl, CURLOPT_PORT, this->_PORT);
curl_easy_setopt(curl,CURLOPT_CONNECTTIMEOUT, 15);
curl_easy_setopt(curl,CURLOPT_TIMEOUT, 30);
curl_easy_setopt(curl, CURLOPT_USE_SSL, (long)CURLUSESSL_ALL);
curl_easy_setopt(curl, CURLOPT_USERNAME, "xxxxxxx#gmail.com");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "xxxxxxx");
curl_easy_setopt(curl, CURLOPT_MAIL_FROM, this->_FROM);
recipients = curl_slist_append(recipients, this->_TO);
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
res = curl_easy_perform(curl);
It is the example from libcurl. (http://curl.haxx.se/libcurl/c/smtp-tls.html)
But everytime the curl_easy_perform executes i got the error CURLE_COULDNT_RESOLVE_HOST with every single address it does'nt matter if it is http,smtp, ftp, etc.
And if I put the IP instead of the name i always get Permission Denied.
I thing the error is the fake-ares.cpp and its asynchronous resolve.
I am using libcurl 7.21.7 and Marmalade 6.1
Can anyone help me? :/ or is there another way to send mail?
Thanks

Warning: file_get_contents(https://graph.facebook.com/me?access_token=)

Warning: file_get_contents(https://graph.facebook.com/me?access_token=) [function.file- get-contents]: failed to open stream: HTTP request failed! HTTP/1.0 400 Bad Request in /var/www/dsg/signed_request.php on line 25
I have checked and set allow_url_fopen to on in my php.ini and also made sure allow_url_fopen is on when I run phpinfo();. I am still getting the error as listed above. Does anyone know if this can be made to work somehow? Perhaps has some converted to an alternative?
You can use curl, which is actually what should be used for network requests, not file_get_contents. I don't know why Facebook started using that function in there examples. Curl has error handling and will follow redirects if you want it to, so you can figure out exactly what is happing.
You can create your own one line function like this
function viacurl($location){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $location);
curl_setopt($ch, CURLOPT_HEADER, false);
$out=curl_exec($ch);
curl_close($ch);
return rtrim($out,1);
}
And use it like this :
$response = viacurl($url);

Facebook.php causes error in apache log, how to fix?

I have a Facebook application running on Amazon servers (windows data center + apache) and this shows up in the apache error log a lot:
"Invalid or no certificate authority found, using bundled information"
In facebook.php the error is generated here:
if ((curl_errno($ch) == 60) || (curl_errno($ch) == 77)) { // CURLE_SSL_CACERT || CURLE_SSL_CACERT_BADFILE
self::errorLog('Invalid or no certificate authority found, using bundled information');
curl_setopt($ch, CURLOPT_CAINFO,
dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
$result = curl_exec($ch);
}
I have the latest fb_ca_chain_bundle.crt from github in the same directory.
Download facebook.php and the fb_ca_chain_bundle.crt certificate again and replace them with your current files.