Using curl in php with client certificate and private key in separate files

Here is a PHP script with a literal translation of your command line call:

 <?php $data = "var1=value1&var2=value2&..."; $url = "https://www.somesite.com/page"; $keyFile = "key.pem"; $caFile = "ca.pem"; $certFile = "client.pem"; $certPass = "xxxxxx"; // Initialise cURL $ch = curl_init($actualUrl); // The -d option is equivalent to CURLOPT_POSTFIELDS. But... // PHP libcurl interface does not implement the -G flag - instead you would // append $data to $url like this: $actualUrl = $url.'?'.$data; curl_setopt($ch, CURLOPT_URL, $actualUrl); // The -v flag only makes sense at the command line, but it can be enabled // with CURLOPT_VERBOSE - in this case the information will be written to // STDERR, or the file specified by CURLOPT_STDERR. I will ignore this for // now, but if you would like a demonstration let me know. // The --key option - If your key file has a password, you will need to set // this with CURLOPT_SSLKEYPASSWD curl_setopt($ch, CURLOPT_SSLKEY, $keyFile); // The --cacert option curl_setopt($ch, CURLOPT_CAINFO, $caFile); // The --cert option curl_setopt($ch, CURLOPT_SSLCERT, $certFile); curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $certPass); /* Now we should get an identical request to the one created by your command line string, let have a look at some of the other options you set... */ // CURLOPT_HEADER is disabled by default, there no need for this unless you // enabled it earlier //curl_setopt($ch, CURLOPT_HEADER, 0); // Your command line string forces a GET request with the -G option, are you // trying to POST or GET? //curl_setopt($ch, CURLOPT_POST, true); // We don't need body data with a GET request //curl_setopt($ch, CURLOPT_POSTFIELDS, $post); // Since we've gone to all the trouble of supplying CS information, we might // as well validate it! //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);