WordPress.org

Ready to get started?Download WordPress

Forums

Simple Facebook Connect
[resolved] SSL Cert error when invoking sfc_remote from localhost (5 posts)

  1. kevinteo
    Member
    Posted 1 year ago #

    Hi Samuel (and others),

    I'm using SFCv1.4 and testing my code locally on WAMPServer (windows 7 laptop)

    I'm making an SFC Login call which triggers sfc_login_check in sfc-login.php. After authenticating with FB, I'm looking to get the email address associated with the FB account, to then check if the user has already registered on my WP site.

    Here's what I'm seeing while stepping through the code in debug mode:

    1. sfc_login_check invokes sfc_remote

    2. after triggering the line with wp_remote_get ("https://graph.facebook.com/oauth/access_token?client_id={$options['appid']}&redirect_uri=&client_secret={$options['app_secret']}&code={$args['code']}");

    I get this error in the debugger:
    SSL certificate problem, verify that the CA cert is OK. Details:
    error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

    When I issue that same request through a browser, I get an access token in the response. However, feeding this access token directly into the next wp_remote_get ($url, $args) invocation gives me an OAuth error.

    Any ideas on what I can do to work around this? Thanks in advance.

    Kevin

    http://wordpress.org/extend/plugins/simple-facebook-connect/

  2. Samuel Wood (Otto)
    Tech Ninja
    Plugin Author

    Posted 1 year ago #

    When you remote_get to an SSL URL, then it will perform a certificate check (this is Curl doing that). If you have not upgraded the certificate lists on your PHP install, this will cause that error.

    You can either update the certification authority lists in your PHP install, or you can add the sslverify=>false flag to the arguments list for remote_get to make it ignore the certification verification.

  3. kevinteo
    Member
    Posted 1 year ago #

    Thanks for the quick response Samuel.

    The sslverify=>false setting works well, and I made it pass the first wp_remote_get call. After the call, $resp["body'] comes back with:

    access_token=...bunch-of-stuff...&expires=3940

    which appears to contain more than just the access_token. I found I had to strip out "expires=3940" before the code goes into the second wp_remote_get that pulls down $data.

    I've only just started on FB's APIs so let me know if I'm doing something wrong! Thanks again.

    Kevin

  4. Samuel Wood (Otto)
    Tech Ninja
    Plugin Author

    Posted 1 year ago #

    That is a query string format. Easiest way to deal with it is to pass it through wp_parse_args(). This will convert it to an array with the access_token and the expires parameter as separate entries in the array.

    Also, access tokens are like passwords. Don't post 'em publicly. I removed the one you posted above. :)

  5. kevinteo
    Member
    Posted 1 year ago #

    Thanks again Samuel!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic