[PHP] API REST http integration unknown certificate authority


#1

First, congrats brocaar for your awesome work on the lorasever and your heavy assistance on the forum. I read you almost every day help me a lot with the issues I’m having
Today im facing off a problem with maybe easy solution but I can’t yet ever solved

With PHP I’m trying to send a downlink to the API and I receive empty response to PHP request and this error on lora-app-server journal:
lora-app-server[6225]: 2018/07/22 17:02:35 http: TLS handshake error from 192.168.0.11:43812: remote error: tls: unknown certificate authority

With CURL I have the same error but with option --insecure works perfectly and the downlink appears at device queue:

curl --insecure  -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'Grpc-Metadata-Authorization: Bearer MyJWToken' -d '{ "confirmed": true, "data": "Njg2ZjZjNjE=", "devEUI": "mydevEUI", "fPort": 2 }' 'https://192.168.0.10:8080/api/devices/mydevEUI/queue'

I’m using self signed certificates because the servers are isolated in a private network, so I’m trying to avoid the certificates validation with:

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

I think this is the related config of lora-app-server:

[application_server.external_api]
# http server TLS certificate
tls_cert="/etc/lora-app-server/certs/http.pem"
# http server TLS key
tls_key="/etc/lora-app-server/certs/http-key.pem"

And this is the PHP code ( running on the another server Apache + PHP 5.4.16 ):

$service_url = 'https://192.168.0.10:8080/api/devices/mydevEUI/queue';
$curl = curl_init($service_url);
$token = 'MyJWToken';
// Set up a connection to the server.   
$header = array();
$header[] = 'Accept: application/json';
$header[] = 'Grpc-Metadata-Authorization: '.$token;
curl_setopt($curl, CURLOPT_HTTPHEADER,$header);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

// POST Calls identifier
curl_setopt($curl, CURLOPT_POST, true);
// PUT Calls identifier
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
// DELETE Calls identifier
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");

//Avoid certificate validation
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

// For POST and PUT Calls add this

// Enter the requested values of the body (if there is one) into this array
$curl_post_data = array(
        'confirmed' => 'true',
        'data' => 'Njg2ZjZjNjE=',
        'devEUI' => 'mydevEUI',
        'fPort' => '2'
);
curl_setopt($curl, CURLOPT_POSTFIELDS, $curl_post_data);

// Call the API
$curl_response = curl_exec($curl);
curl_close($curl);

// Print the response
echo $curl_response;

I’m still getting error: tls: unknown certificate authority
How can I solve ?

Many thanks in advance