phpcurlwebdavpropfind

transform CURL request to PHP CURL


I've this Curl request :

curl.exe -k --proxy-ntlm --proxy-user : --proxy http://proxyurl:80 -E C:\temp\certificat.pem:certifPassword -H depth:1 -X PROPFIND https://www.url.fr/to/webdav/number/folder/ > retour.xml

I've to translate it in php script. So I did this :

$ch = curl_init();

$urlPropfind = "https://www.url.fr/to/webdav/number/folder/";
$certifPropfind = __DIR__."/certificats/certificat.pem";
$passwordPropfind = "certifPassword";
$header = "depth:1";

//Proxy config
$proxyAdresse = "http://proxyUrl";
$proxyIp = "192.168.0.1"; //I change IP for security
$proxyPort = 80;
$proxyIdentification = "proxyUser:proxyPassword";

curl_setopt($ch, CURLOPT_PROXY, $proxyIp);
curl_setopt($ch, CURLOPT_PROXYPORT, $proxyPort);
curl_setopt($ch, CURLOPT_PROXYTYPE, 'HTTP');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSLCERT, $certifPropfind);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $passwordPropfind);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $urlPropfind);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));

$output = curl_exec($ch);

var_dump($output);

var_dump(curl_getinfo($ch));
curl_close($ch);

But my curl return FALSE so I don't understand what did I do wrong ?

The error:

HTTP/1.1 200 Connection established < * Proxy replied OK to CONNECT request * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS: client certificate not found: certServeurTM.pem * NSS error -12227 (SSL_ERROR_HANDSHAKE_FAILURE_ALERT) * SSL peer was unable to negotiate an acceptable set of security parameters. * Closing connection 2

And

EDIT

I converted this to PHP & here my :

curl_setopt($ch, CURLOPT_URL, $urlPropfind);
  curl_setopt($ch, CURLOPT_NOPROGRESS, true);
  curl_setopt($ch, CURLOPT_PROXY, $proxyAdresse);
  curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
  curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
  curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.29.0");
  curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
  curl_setopt($ch, CURLOPT_MAXREDIRS, 50);
  curl_setopt($ch, CURLOPT_KEYPASSWD, "/var/www/html/myapplication/certificats/certServeurTM.pem:toulouse31");
  curl_setopt($ch, CURLOPT_SSLCERT, "certServeurTM.pem");
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
  curl_setopt( $ch, CURLOPT_VERBOSE, true );
  curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );

& message I get (only the end of message. All is good until certificat):

HTTP/1.1 200 Connection established < * Proxy replied OK to CONNECT request * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS: client certificate not found: certServeurTM.pem * NSS error -12227 (SSL_ERROR_HANDSHAKE_FAILURE_ALERT) * SSL peer was unable to negotiate an acceptable set of security parameters. * Closing connection 2

I added

curl_setopt($ch, CURLOPT_CAPATH, "/var/www/html/myapplication/certificats");

& I see the following message

failed to load '/var/www/html/myapplication/certificats/certServeurTM.pem' from CURLOPT_CAPATH


Solution

  • Finally I get it !!

    In fact, the person in charge of certifacts management forget to tell me that I need another private key & private certificat...

    So here my final code :

    curl_setopt($ch, CURLOPT_URL, $urlPropfind);
      curl_setopt($ch, CURLOPT_NOPROGRESS, true);
      curl_setopt($ch, CURLOPT_PROXY, $proxyAdresse);
      curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyIdentification);
      curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_NTLM);
      curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.29.0");
      curl_setopt($ch, CURLOPT_HTTPHEADER, array($header));
      curl_setopt($ch, CURLOPT_MAXREDIRS, 50);
      curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "toulouse31");
      curl_setopt($ch, CURLOPT_SSLCERT, "/var/www/html/myapplication/certificats/certServeurTM.pem");  
      curl_setopt($ch, CURLOPT_SSLCERT, "/var/www/html/myapplication/certificats/default.crt");  
      curl_setopt($ch, CURLOPT_SSLKEY, "/var/www/html/myapplication/certificats/default.privkey"); 
      curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,true);
      curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
      curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PROPFIND");
      curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
      curl_setopt( $ch, CURLOPT_VERBOSE, true );
      curl_setopt( $ch, CURLOPT_STDERR, fopen('php://output', 'w') );
    

    Thanks, everyone, for your help :)