PHP Curl Error: Unable to load client cert -8018. (Connecting to SSO API)

Question

I'm trying to connect to a Single Sign On API using Curl in PHP But I am getting a -8018 error. I converted private key to RSA key. But still I am an error.

Here is the PHP Source:

    $cert_file = 'etc/pki/nssdb/new.pem';
    $cert_password = '123456';
    curl_setopt_array($curl, array(
        CURLOPT_URL => "UUL"
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_ENCODING => "",
        CURLOPT_MAXREDIRS => 10,
        CURLOPT_TIMEOUT => 300,
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
        CURLOPT_CUSTOMREQUEST => "POST",
        CURLOPT_SSLCERT => $cert_file,
        CURLOPT_SSLCERTPASSWD => $cert_password,
        CURLOPT_SSLCERTTYPE => 'pem',
        CURLOPT_HTTPHEADER => array(
            "cache-control: no-cache",
            "X-IAS-APIKEY: PEdk3kOkMtYsYzfb",
            'Content-Length: 0',
        ),
    ));
    $response = curl_exec($curl);
    $err = curl_error($curl);

    curl_close($curl);
    if ($err) {
        echo "cURL Error #:" . $err;
    } else {
        echo $response;
    }
}

Here is the result (after adding the certificate in NSS DB)

score 0 · Accepted Answer · answered Feb 27 '17 at 02:25

I solved the problem.The problem was RSA key without certificate information. I converted the certificate key to RSA but this file doesn't have Certificate info which we have to submit along with the key. So by exporting the public part then the private RSA part and finally putting it together in the code will work.

$cert_password = '****';
    curl_setopt_array($curl, array(
        CURLOPT_URL => URL,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_ENCODING => "",
        CURLOPT_MAXREDIRS => 10,
        CURLOPT_TIMEOUT => 300,
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
        CURLOPT_CUSTOMREQUEST => "POST",
        CURLOPT_SSLCERT => $cert_file,
        CURLOPT_SSLKEY => $cert_key,
        CURLOPT_SSLCERTPASSWD => $cert_password,
        CURLOPT_SSLCERTTYPE => 'pem',
        CURLOPT_HTTPHEADER => array(
            "cache-control: no-cache",
            "X-IAS-APIKEY: APIKEY",
            'Content-Length: 0',
        ),
    ));
    $response = curl_exec($curl);
    $err = curl_error($curl);

I hope this answer may help someone.

Thank YOU

PHP Curl Error: Unable to load client cert -8018. (Connecting to SSO API)

1 Answers1