Skip to main content

16 Messages

 • 

236 Points

Mon, Jun 18, 2018 7:22 PM

Curl problems (api and Smartzone)

Hi,

I'm creating an api program in combination with Ruckus access points and a Smartzone. When I login with the api's using postman everything works. Also with http request and php 5.3 it isn't a problem. But for php7 I need to use Curl and I receive certificate Errors. Can someone help me?



Programm language: php7

Error I get:
cURL Error #:SSL certificate problem: unable to get local issuer certificate

Example code:
$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_PORT => "7443",
  CURLOPT_URL => "https://$smartzone_ip:7443/api/public/v5_0/session";,
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_SSL_VERIFYPEER => false,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "{\r\n  \"username\": \"$gebruikersnaam_ruckus\",\r\n  \"password\": \"$paswoord_ruckus\",\r\n  \"timeZoneUtcOffset\": \"+01:00\"\r\n}",
  CURLOPT_HTTPHEADER => array(
    "cache-control: no-cache",
    "content-type: application/json;charset=UTF-8",
    "cookie: JSESSIONID={JSESSIONID}",
    "postman-token: 2d8d37d3-7cd5-7cf5-f5c6-480a9805bfa9"
  ),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

If I add the following code to the curl_setopt_array (I know this isn't a good solution, but just for testing):
CURLOPT_SSL_VERIFYPEER => false,


I get the following error:
cURL Error #:SSL: certificate subject name 'scg.ruckuswireless.com' does not match target host name '78.XX.XXX.XXX'

Responses

16 Messages

 • 

236 Points

2 years ago

No one?
Brand User

Former Employee

 • 

2.6K Messages

 • 

44.8K Points

I'm not a programmer sorry, but the error appears to be with the IP address of the SCG in your FQDN 'scg.ruckuswireless.com'.
Do you have a DNS entry with this name and correct IP?

16 Messages

 • 

236 Points

I just use the ip-address so I don't know why he is referring to scg.ruckuswireless.be.
We have our own Virtual Smartzone

128 Messages

 • 

2.4K Points

did you provide a proper certificate to VSCG? given you're using ruckuswireless.be, im guessing you're using that as a private domain and not a public one. As such, I doubt you can get a proper domain cert. Also, you're using the IP to connect and the server is providing a certificate which does not have the IP, but only the hostname.

Regardles, the CURL option you want is CURLOPT_SSL_VERIFYHOST=0 instead of VERIFYPEER=0

Until you get a proper certificate, you'll need to use the VERIFYHOST=0 option. 

The proper certificate should have the CN (common name) issued to "scg.ruckuswireless.be" but also a SAN issued to the public IP 73.x.x.x 

good luck!

34 Messages

 • 

704 Points

Why don't you test first with curl command in a terminal? If it works, then you know it is not related to the SZ, and probably the issue is with the php code. 

You could try something like "curl -I https://nameSZ:8443"  If the output contains "HTTP/1.1 200 OK" then the issue is related to the php code. 

You should also look at the curl man page (try option -k).

16 Messages

 • 

236 Points

Thanks a lot Diego. It was not scg.ruckuswireless.be but .com. But indeed it will be a certificate problem. I didn't install a certificate on my VSCG. Is this the correct manual Diego? https://support.ruckuswireless.com/documents/1339-how-to-configure-certificates-for-smartzone

For the moment the verifyhost=0 is working. But we want a good solution so we will follow the manual.

@Alexf: I tested it with Curl terminal and received the same error. Thanks for the suggestion!