There should be many php clients. Mario, your registrar implementation
is in php, isn't it? What is your php epp connect procedure?
Jaromir
On Wed, 2015-03-04 at 12:04 +0200, Mark Elkins wrote:
I'd like to have my own client written in PHP talk
to FRED.
I was given separate CRT and KEY files by TZNIC. I've combined this
into a single PEM file with:
cat posix.key posix.crt > /tmp/tznic.pem
I can then successfully get the "Welcome" XML from FRED at TZNIC with:
openssl s_client -connect fred.tznic.or.tz:700 -cert /tmp/tznic.pem
This shows as a self-signed certificate (as expected).
(verify error:num=18:self signed certificate)
The combining of the crt and key is because php seems to want a combined
PEM certificate...
Then - I try connecting with a VERY stripped down PHP script....
(attached)...
The core of which is:
$ip="fred.tznic.or.tz";
$port=700;
$cert="/tmp/tznic.pem";
$context = stream_context_create();
$result = stream_context_set_option($context, 'ssl', 'local_cert',
$cert);
$result = stream_context_set_option($context, 'ssl', 'verify_peer',
false);
$result = stream_context_set_option($context, 'ssl', 'verify_host',
false);
$result = stream_context_set_option($context, 'ssl',
'allow_self_signed', true);
$fp = stream_socket_client("tls://$ip:$port", $errno,$errstr, 20,
STREAM_CLIENT_CONNECT, $context);
if(!$fp) echo "CONNECT ERROR: $errstr ($errno)\n";
else // read the packet......
The "stream_socket_client" simply times out.
What am I doing wrong???
Almost the same code works for: (ie changing machines, ports and Certs)
Central-NIC
ZACR/CO.ZA
CoCCA
The FRED test system at TZNIC is running certificate validation - I'm
assuming its got something to do with that????
I'm using a variety of different versioned PHP's
eg
PHP 5.5.18-pl0-gentoo (cli) (built: Nov 10 2014 22:20:27)
PHP 5.5.21-pl0-gentoo (cli) (built: Feb 6 2015 16:46:22)
PHP 5.4.34-pl0-gentoo (cli) (built: Nov 3 2014 11:10:23)
All do the same thing - timeout.
Is anyone using a PHP based client?? - that would be the start of a
WHMCS plugin for C-Panel (etc).
_______________________________________________
fred-users mailing list
fred-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/fred-users
--
Jaromir Talir
technicky reditel / Chief Technical Officer
-------------------------------------------
CZ.NIC, z.s.p.o. -- .cz domain registry
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:jaromir.talir@nic.cz
http://nic.cz/
sip:jaromir.talir@nic.cz tel:+420.222745107
mob:+420.739632712 fax:+420.222745112
-------------------------------------------