diff --git a/src/Handler/CurlFactory.php b/src/Handler/CurlFactory.php index b3f52975d..5e8d84388 100644 --- a/src/Handler/CurlFactory.php +++ b/src/Handler/CurlFactory.php @@ -456,6 +456,12 @@ private function applyHandlerOptions(EasyHandle $easy, array &$conf): void if (!\file_exists($cert)) { throw new \InvalidArgumentException("SSL certificate not found: {$cert}"); } + # OpenSSL (versions 0.9.3 and later) also support "P12" for PKCS#12-encoded files. + # see https://curl.se/libcurl/c/CURLOPT_SSLCERTTYPE.html + $ext = pathinfo($cert, \PATHINFO_EXTENSION); + if (preg_match('#^(der|p12)$#i', $ext)) { + $conf[\CURLOPT_SSLCERTTYPE] = strtoupper($ext); + } $conf[\CURLOPT_SSLCERT] = $cert; } diff --git a/tests/Handler/CurlFactoryTest.php b/tests/Handler/CurlFactoryTest.php index f8ad46903..0f9c32374 100644 --- a/tests/Handler/CurlFactoryTest.php +++ b/tests/Handler/CurlFactoryTest.php @@ -277,6 +277,34 @@ public function testAddsCertWithPassword() self::assertEquals('test', $_SERVER['_curl'][\CURLOPT_SSLCERTPASSWD]); } + public function testAddsDerCert() + { + $certFile = tempnam(sys_get_temp_dir(), "mock_test_cert"); + rename($certFile, $certFile .= '.der'); + try { + $f = new Handler\CurlFactory(3); + $f->create(new Psr7\Request('GET', Server::$url), ['cert' => $certFile]); + self::assertArrayHasKey(\CURLOPT_SSLCERTTYPE, $_SERVER['_curl']); + self::assertEquals('DER', $_SERVER['_curl'][\CURLOPT_SSLCERTTYPE]); + } finally { + @\unlink($certFile); + } + } + + public function testAddsP12Cert() + { + $certFile = tempnam(sys_get_temp_dir(), "mock_test_cert"); + rename($certFile, $certFile .= '.p12'); + try { + $f = new Handler\CurlFactory(3); + $f->create(new Psr7\Request('GET', Server::$url), ['cert' => $certFile]); + self::assertArrayHasKey(\CURLOPT_SSLCERTTYPE, $_SERVER['_curl']); + self::assertEquals('P12', $_SERVER['_curl'][\CURLOPT_SSLCERTTYPE]); + } finally { + @\unlink($certFile); + } + } + public function testValidatesProgress() { $f = new Handler\CurlFactory(3);