3

How can I convert this php code to curl command? I want to use this code on linux machine by executing single curl command.

$headers = array(
      "Content-type: text/xml",
      "Content-length: " . strlen($xml)
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 10000);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$data = curl_exec($ch);

I tired with this one, but unsuccessful:

curl -X POST -H "Content-type: text/xml" -o output.txt -d "param1=param1&username=username&password=password" https://site.url.com -d @data.xml

Maybe the problem is in the HTTPS because only TLSv1 is allowed on the site.

Improve this question
5
  • any errors reported by curl or in the response? Commented Oct 28, 2014 at 15:33
  • @NDM this is the response on every try: <Unauthorized>401</Unauthorized> , from php and from browser everything is okay Commented Oct 28, 2014 at 15:35
  • 401 means the TLS layer is fine, but it means you're not providing the proper HTTP authentication. Commented Oct 28, 2014 at 15:50
  • @DanielStenberg it sounds good, every time when I am calling the url from browser it sends me 401, only when I am calling the url and adding the method, username and password everything is okay from browser. But I cannot get the same response from curl to. This is the url: wsh.sterlingcommerce.com/… Commented Oct 28, 2014 at 16:03
  • Your code here doesn't send any user+password so there's no surprise. My point was still more that the TLS issue is fine, which is what this question (and title) is about! Commented Oct 29, 2014 at 8:13

3 Answers 3

Reset to default
5

In php you would use:

curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);

Documentation speaks of more TLS versions:

http://www.php.net/manual/en/function.curl-setopt.php

  • CURL_SSLVERSION_TLSv1_0
  • CURL_SSLVERSION_TLSv1_1
  • CURL_SSLVERSION_TLSv1_2

The TLS versions only work with CURL version 7.34 or newer.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This should be edited to say "The TLS constants only work with CURL version 7.34 or newer." The same php manual page mentioned shows that the constants simply represent integers (so you can still use this, just sub in the integer you need): CURL_SSLVERSION_DEFAULT (0), CURL_SSLVERSION_TLSv1 (1), CURL_SSLVERSION_SSLv2 (2), CURL_SSLVERSION_SSLv3 (3), CURL_SSLVERSION_TLSv1_0 (4), CURL_SSLVERSION_TLSv1_1 (5) or CURL_SSLVERSION_TLSv1_2 (6)
1

If you want to force curl to use TLSv1, you can use the --tlsv1 option, from the docs:

-1, --tlsv1

(SSL) Forces curl to use TLS version 1.x when negotiating with a remote TLS server. You can use options --tlsv1.0, --tlsv1.1, and --tlsv1.2 to control the TLS version more precisely (if the SSL backend in use supports such a level of control).

-2, --sslv2

(SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL server. Sometimes curl is built without SSLv2 support. SSLv2 is widely considered insecure.

-3, --sslv3

(SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL server. Sometimes curl is built without SSLv3 support.
Improve this answer

Comments

1

Problem is not related to TLS/SSL. Client will negotiate TLS automatically. It seems like you need to make a POST some xml data and specify your credentials as GET parameters. It can be done by putting your GET parameters to the request URL

Im not sure on syntax, but try this:

curl -X POST -H "Content-type: text/xml" -o output.txt https://site.url.com?param1=param1&username=username&password=password -d @data.xml

Also, (small offtopic for message above, but i cannt comment it) please not force SSL2, SSL3 or TLS1.0 since they have vulnerabilities. Most servers will negotiate best version of TLS automatically.

Improve this answer

1 Comment

yes you are right about the vulnerabilities, but I already tried with your sample, and again 401.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.