Could not load PEM client certificate

2.7k views Asked by At

I'm trying to use yandex kassa api,but I stuck at one point.

I have no certificate password, I have certificate.cer and private.key.

I'm working on localhost with PhpStorm. Do I have to use hosting with ssl support?

I'm getting this error:

could not load PEM client certificate, OpenSSL error error:0906D06C:PEM routines:PEM_read_bio:no start line, (no key found, wrong pass phrase, or wrong file format?)

Here is my reference. Yandex Kassa

What i am doing ?

Here is my Settings.php

<?php 
namespace shop;
class Settings {
public $SHOP_PASSWORD = "123456";
public $SECURITY_TYPE;
public $LOG_FILE;
public $SHOP_ID = 151;
public $CURRENCY = 10643;
public $request_source;
public $mws_cert;
public $mws_private_key;
public $mws_cert_password = "";

function __construct($SECURITY_TYPE = "PKCS7" /* MD5 | PKCS7 */, $request_source = "php://input") {
    $this->SECURITY_TYPE = $SECURITY_TYPE;
    $this->request_source = $request_source;
    $this->LOG_FILE = dirname(__FILE__)."/log.txt";
    $this->mws_cert = dirname(__FILE__)."/MWS/certificate.cer";
    $this->mws_private_key = dirname(__FILE__)."/MWS/private.key";
}}

And here is my MWS.php

private function signData($data) {
    $descriptorspec = array(
        0 => array("pipe", "r"),
        1 => array("pipe", "w"),
    );
    $descriptorspec[2] = $descriptorspec[1];
    try {
        $opensslCommand = 'openssl smime -sign -signer ' . $this->settings->mws_cert .
            ' -inkey ' . $this->settings->mws_private_key .
            ' -nochain -nocerts -outform PEM -nodetach -passin pass:'.$this->settings->mws_cert_password;
        $this->log->info("opensslCommand: " . $opensslCommand);
        $process = proc_open($opensslCommand, $descriptorspec, $pipes);
        if (is_resource($process)) {
            fwrite($pipes[0], $data);
            fclose($pipes[0]);
            $pkcs7 = stream_get_contents($pipes[1]);
            $this->log->info($pkcs7);
            fclose($pipes[1]);
            $resCode = proc_close($process);
            if ($resCode != 0) {
                $errorMsg = 'OpenSSL call failed:' . $resCode . '\n' . $pkcs7;
                $this->log->info($errorMsg);
                throw new \Exception($errorMsg);
            }
            return $pkcs7;
        }
    } catch (\Exception $e) {
        $this->log->info($e);
        throw $e;
    }
}

/**
 * Makes XML/PKCS#7 request.
 * @param  string $paymentMethod financial method name
 * @param  array  $data          key-value pairs of request body
 * @return string                response from Yandex.Money in XML format
 */
private function sendXmlRequest($paymentMethod, $data) {
    $body = '<?xml version="1.0" encoding="UTF-8"?>';
    $body .= '<' . $paymentMethod . 'Request ';
    foreach($data AS $param => $value) {
        $body .= $param . '="' . $value . '" ';
    }
    $body .= '/>';

    return $this->sendRequest($paymentMethod, $this->signData($body), "pkcs7-mime");
}

/**
 * Makes application/x-www-form-urlencoded request.
 * @param  string $paymentMethod financial method name
 * @param  array  $data          key-value pairs of request body
 * @return string                response from Yandex.Money in XML format
 */
private function sendUrlEncodedRequest($paymentMethod, $data) {
    return $this->sendRequest($paymentMethod, http_build_query($data), "x-www-form-urlencoded");
}

/**
 * Sends prepared request.
 * @param  string $paymentMethod financial method name
 * @param  string $requestBody   prepared request body
 * @param  string $contentType   HTTP Content-Type header value
 * @return string                response from Yandex.Money in XML format
 */
private function sendRequest($paymentMethod, $requestBody, $contentType) {
    $this->log->info($paymentMethod . " Request: " . $requestBody);

    $curl = curl_init();
    $params = array(
        CURLOPT_RETURNTRANSFER => 1,
        CURLOPT_HTTPHEADER => array('Content-type: application/' . $contentType),
        CURLOPT_URL => 'https://penelope-demo.yamoney.ru:8083/webservice/mws/api/' . $paymentMethod,
        CURLOPT_POST => 0,
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_SSLCERT => $this->settings->mws_cert,
        CURLOPT_SSLKEY => $this->settings->mws_private_key,
        CURLOPT_SSLCERTPASSWD => $this->settings->mws_cert_password,
        CURLOPT_SSL_VERIFYHOST => false,
        CURLOPT_VERBOSE => 1,
        CURLOPT_POSTFIELDS => $requestBody
    );
    curl_setopt_array($curl, $params);
    $result = null;
    try {
        $result = curl_exec($curl);
        if ($result === false) $result = curl_error($curl);
        $this->log->info("Result: " . $result);
        if (!$result) {
            trigger_error(curl_error($curl));
        }
        curl_close($curl);
    } catch (HttpException $ex) {
    $this->log->info("Error: " . $ex);
        echo $ex;
    }
    return $result;
}

And ListOrder.php

<?php
namespace shop;

require_once "../Settings.php";
require_once "MWS.php";

$mws = new MWS(new Settings());

?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta content="IE=edge" http-equiv="X-UA-Compatible">
<meta content="width=device-width, initial-scale=1" name="viewport">
</head>
<body>
<?php echo htmlspecialchars($mws->listOrders()) ?>

</body>
</html>
0

There are 0 answers