TechQA.

JKS file with Password to access Financial Institute's API

988 views Asked by At

I have received a JKS file encrypted with Password from a financial institution. The API uses port 444. When I use the JKS file and password with SoapUI (Preferences -> SSL Settings -> KeyStore [File] + KeyStore Password), I am able to send and receive XML request and responses. Without JSK file and password if I try to access the URL, then the browser does not load the API page.

After installing the file and providing the password to browser (Firefox -> Options -> Advance -> View Certificate -> Import); the page result shows Not proper request' [XML format] (That is able to access the page with certificate).

I converted the file to P12/PEM (using: keytool -importkeystore -srckeystore keystore.jks -srcstoretype JKS -deststoretype PKCS12 -destkeystore keystore.p12) - and it works same as above (for both SoupUI and Browser).

Now I like to use this file (JKS/PEM) file in my PHP code on IIS development server and Apache-Production server. During execution I am getting: Error: SSL certificate problem: unable to get local issuer certificate.

Note: The same JKS file with same password is used by another vendor with Python environment is working fine.

Please suggest a solution.

Thank you.

php ssl keytool pkcs#12 jks
Original Q&A
1

There are 1 answers

0
SANJAY BEEDI On BEST ANSWER

First need to convert the JKS file to PEM which could be used by your PHP code.

Then this should do:

$options = array(
  CURLOPT_RETURNTRANSFER  => true,          // return web page
  CURLOPT_PORT            => <Port#>,           //Post
  CURLOPT_CAPATH          => $ca_path,      //CA Path ***and not filename
  CURLOPT_CAINFO          => $cert_file,    //Certificate File
  CURLOPT_SSLCERT         => $key_file,     //SSL file
  CURLOPT_SSLKEYPASSWD    => $key_password, //Public Key
  CURLOPT_HTTPHEADER      => $aHeaders,     //Header
  CURLOPT_POST            => 1,            //Send POST
  CURLOPT_POSTFIELDS      => $xml,         //To Fetch Data
  CURLINFO_HEADER_OUT     => $properties,  //Application's Username and password
);
$ch = curl_init($url);
curl_setopt_array($ch, $options);
$content = curl_exec($ch);
$err = curl_errno($ch);
$errmsg = curl_error($ch);
$header = curl_getinfo($ch);
curl_close($ch);

$header['errno'] = $err;
$header['errmsg'] = $errmsg;
$header['content'] = $content;

Related Questions in PHP

Related Questions in SSL

Related Questions in KEYTOOL

Related Questions in PKCS#12

Related Questions in JKS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions