An error occurred while developing the CA certificate for PHP development on the public account red envelope interface. please log on to the payment merchant platform to download the certificate. The red envelope interface always prompts "CA certificate error. please log on to the payment merchant platform to download the certificate ", after repeated debugging, the general solution is as follows:
1. First, make sure that the CA certificate path is correct. it must be an absolute path. because it is developed by PHP, three pem certificates are required.
2. ensure the server support. Sina Cloud's sae is not very well supported by tests and always reports an error. after switching to another server, it passes
The code section of the POST red packet certificate is as follows:
Function post ($ strXml ){
$ Url = 'https: // api.mch.weixin.qq.com/mmp aymkttransfers/sendredpack ';
$ Ch = curl_init ();
Curl_setopt ($ ch, CURLOPT_URL, $ url );
// Because the server and domain name need to be verified during use of the red packet, you need to set the following two lines
Curl_setopt ($ ch, CURLOPT_SSL_VERIFYPEER, true); // only trust the certificate issued by the CA
Curl_setopt ($ ch, CURLOPT_SSL_VERIFYHOST, 2); // check whether the domain name is set in the certificate and matches the provided host name
Curl_setopt ($ ch, CURLOPT_SSLCERT, '/var/www/html/hongbao/apiclient_cert.pem ');
Curl_setopt ($ ch, CURLOPT_SSLKEY, '/var/www/html/hongbao/apiclient_key.pem ');
Curl_setopt ($ ch, CURLOPT_CAINFO, '/var/www/html/hongbao/rootca. pem'); // CA root certificate (used to verify whether the website certificate is issued by CA)
Curl_setopt ($ ch, CURLOPT_POST, 1 );
Curl_setopt ($ ch, CURLOPT_POSTFIELDS, $ strXml );
Curl_setopt ($ ch, CURLOPT_RETURNTRANSFER, 1 );
Curl_setopt ($ ch, CURLOPT_HEADER, 0 );
$ Res = curl_exec ($ ch );
Curl_close ($ ch );
Return $ res;
}