-
-
Save netojoaobatista/ea21a6dd8988245884fd to your computer and use it in GitHub Desktop.
| #!/bin/bash | |
| if [ $EUID != 0 ]; then | |
| echo 'Você precisa ser root para instalar certificados.' | |
| exit $? | |
| fi | |
| # Diretório onde os certificados serão instalados | |
| cert_path=`openssl version -d|sed 's/.*\"\(.*\)\"/\1/g'`/certs | |
| # Path para o certificado da Cielo | |
| ecommerce=$cert_path/ecommerce-cielo.crt | |
| # Path para o certificado da intermediária | |
| intermediaria=$cert_path/intermediaria-cielo.crt | |
| # Path para o certificado raiz | |
| raiz=$cert_path/raiz-cielo.crt | |
| # Instalação do certificado raiz | |
| echo "Criando certificado raiz em $raiz" | |
| (cat << 'RAIZ-CIELO' | |
| -----BEGIN CERTIFICATE----- | |
| MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB | |
| yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL | |
| ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp | |
| U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW | |
| ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 | |
| aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL | |
| MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW | |
| ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln | |
| biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp | |
| U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y | |
| aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 | |
| nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex | |
| t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz | |
| SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG | |
| BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ | |
| rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ | |
| NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E | |
| BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH | |
| BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy | |
| aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv | |
| MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE | |
| p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y | |
| 5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK | |
| WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ | |
| 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N | |
| hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq | |
| -----END CERTIFICATE----- | |
| RAIZ-CIELO | |
| ) > $raiz | |
| # Criando um link simbólico para o certificado utilizando seu hash | |
| ln -s $raiz $cert_path/`openssl x509 -noout -hash -in $raiz`.0 &> /dev/null | |
| # Verificando se o certificado foi instalado corretamente | |
| openssl verify -CApath $cert_path $raiz | |
| # Instalação do certificado da intermediária | |
| echo "Criando certificado da intermediária em $intermediaria" | |
| (cat << 'INTERMEDIARIA-CIELO' | |
| -----BEGIN CERTIFICATE----- | |
| MIIFKzCCBBOgAwIBAgIQfuFKb2/v8tN/P61lTTratDANBgkqhkiG9w0BAQsFADCB | |
| yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL | |
| ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp | |
| U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW | |
| ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 | |
| aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB3MQsw | |
| CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV | |
| BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVjIENs | |
| YXNzIDMgRVYgU1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK | |
| AoIBAQDYoWV0I+grZOIy1zM3PY71NBZI3U9/hxz4RCMTjvsR2ERaGHGOYBYmkpv9 | |
| FwvhcXBC/r/6HMCqo6e1cej/GIP23xAKE2LIPZyn3i4/DNkd5y77Ks7Imn+Hv9hM | |
| BBUyydHMlXGgTihPhNk1++OGb5RT5nKKY2cuvmn2926OnGAE6yn6xEdC0niY4+wL | |
| pZLct5q9gGQrOHw4CVtm9i2VeoayNC6FnpAOX7ddpFFyRnATv2fytqdNFB5suVPu | |
| IxpOjUhVQ0GxiXVqQCjFfd3SbtICGS97JJRL6/EaqZvjI5rq+jOrCiy39GAI3Z8c | |
| zd0tAWaAr7MvKR0juIrhoXAHDDQPAgMBAAGjggFdMIIBWTAvBggrBgEFBQcBAQQj | |
| MCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wEgYDVR0TAQH/BAgw | |
| BgEB/wIBADBlBgNVHSAEXjBcMFoGBFUdIAAwUjAmBggrBgEFBQcCARYaaHR0cDov | |
| L3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYIKwYBBQUHAgIwHBoaaHR0cDovL3d3dy5z | |
| eW1hdXRoLmNvbS9ycGEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3MxLnN5bWNi | |
| LmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwx | |
| GjAYBgNVBAMTEVN5bWFudGVjUEtJLTEtNTMzMB0GA1UdDgQWBBQBWavn3ToLWaZk | |
| Y9bPIAdX1ZHnajAfBgNVHSMEGDAWgBR/02Wnwt3su/AwCfNDOfoCrzMxMzANBgkq | |
| hkiG9w0BAQsFAAOCAQEAQgFVe9AWGl1Y6LubqE3X89frE5SG1n8hC0e8V5uSXU8F | |
| nzikEHzPg74GQ0aNCLxq1xCm+quvL2GoY/Jl339MiBKIT7Np2f8nwAqXkY9W+4nE | |
| qLuSLRtzsMarNvSWbCAI7woeZiRFT2cAQMgHVHQzO6atuyOfZu2iRHA0+w7qAf3P | |
| eHTfp61Vt19N9tY/4IbOJMdCqRMURDVLtt/JYKwMf9mTIUvunORJApjTYHtcvNUw | |
| LwfORELEC5n+5p/8sHiGUW3RLJ3GlvuFgrsEL/digO9i2n/2DqyQuFa9eT/ygG6j | |
| 2bkPXToHHZGThkspTOHcteHgM52zyzaRS/6htO7w+Q== | |
| -----END CERTIFICATE----- | |
| INTERMEDIARIA-CIELO | |
| ) > $intermediaria | |
| # Criando um link simbólico para o certificado utilizando seu hash | |
| ln -s $intermediaria $cert_path/`openssl x509 -noout -hash -in $intermediaria`.0 &> /dev/null | |
| # Verificando se o certificado foi instalado corretamente | |
| openssl verify -CApath $cert_path $intermediaria | |
| # Instalação do certificado Cielo | |
| echo "Criando certificado ecommerce da Cielo em $ecommerce" | |
| (cat << 'ECOMMERCE-CIELO' | |
| -----BEGIN CERTIFICATE----- | |
| MIIGmDCCBYCgAwIBAgIQPDxPqKXUhELIzHCju7K71DANBgkqhkiG9w0BAQsFADB3 | |
| MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd | |
| BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVj | |
| IENsYXNzIDMgRVYgU1NMIENBIC0gRzMwHhcNMTUwMTE0MDAwMDAwWhcNMTYwMTE0 | |
| MjM1OTU5WjCCARoxEzARBgsrBgEEAYI3PAIBAxMCQlIxHTAbBgNVBA8TFFByaXZh | |
| dGUgT3JnYW5pemF0aW9uMRswGQYDVQQFExIwMS4wMjcuMDU4LzAwMDEtOTExCzAJ | |
| BgNVBAYTAkJSMREwDwYDVQQRDAgwNjQ1NDA1MDESMBAGA1UECAwJU2FvIFBhdWxv | |
| MRAwDgYDVQQHDAdCYXJ1ZXJpMRYwFAYDVQQJDA0yMTkgQWwgR3JhamF1MRMwEQYD | |
| VQQKDApDSUVMTyBTLkEuMTMwMQYDVQQLDCpUZXJtcyBvZiB1c2UgYXQgd3d3LnZl | |
| cmlzaWduLmNvbS9ycGEgKGMpMDUxHzAdBgNVBAMMFmVjb21tZXJjZS5jaWVsby5j | |
| b20uYnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+93ljI0eXq17a | |
| ZzGhb7z19R6z04jbF6UTFy3pEauwW2HYRMl59AgIa/qt/g4j84BB5EE5mEn7XP2Q | |
| WTtIWFD81O6pEB9z7ep06zH4QbROA3yVItYt6P+OE7e7/d+jOUSmCf7hLs7J1fGa | |
| MCiM4533TPuJzWENS4bI5baw8OjkOSXfSyT31lj8UW2uNNVxR1ZXWjqrpAV3Gtqk | |
| vo5uFh+LwjSJbYAGUkNf6n3dB2J+u/Xu/05JBhoWIQVbE936x0XTRd/p/geZ2FrI | |
| BiMESzJ8yCyejyI78dryhPSspJRVmDrIVuDIUBKXbADpjwN3/EylOLQBkp/srvGG | |
| gDF5YMbbAgMBAAGjggJ5MIICdTAhBgNVHREEGjAYghZlY29tbWVyY2UuY2llbG8u | |
| Y29tLmJyMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG | |
| AQUFBwMBBggrBgEFBQcDAjBmBgNVHSAEXzBdMFsGC2CGSAGG+EUBBxcGMEwwIwYI | |
| KwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBka | |
| F2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMB8GA1UdIwQYMBaAFAFZq+fdOgtZpmRj | |
| 1s8gB1fVkedqMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zci5zeW1jYi5jb20v | |
| c3IuY3JsMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NyLnN5 | |
| bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NyLnN5bWNiLmNvbS9zci5jcnQw | |
| ggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb | |
| 37jjd80OyA3cEAAAAUrpTlA+AAAEAwBHMEUCIQDe1FOthL8+YC9Yofv8lg3odSsT | |
| lUIH0gtjfP0HZumaFAIgVxbg76c6I0gIrb6x3w4R1yrBucLrq7S8tYKMBCdmFPkA | |
| dwBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAUrpTlLHAAAEAwBI | |
| MEYCIQCepIN3rz1UPIBCpU5g79SqNaQupsEsOvkkCRhxC4V5TgIhAPaBrevy0Q+4 | |
| LEb0P7f9eI2fGJMbIoQmsaOlKvycn2FpMA0GCSqGSIb3DQEBCwUAA4IBAQCDOHIx | |
| Ic2NktxNi5nBgxHzXJvBV0OXkCF2nVJg1zL1Vv/QUnam3lMm/uDL4jv9OzjDkm9I | |
| vSFgTDqaOXFkDRc8QfzsPiZvweLtHLJhEMcRLoUan/kHLxxV7mM/YOuMim/39dcj | |
| hV9J9xZZRX2kQ/tT/kE1z8IyQ2FaWwSvjQqj6nneRys1VhNMmzxsfNR24zvNZn1n | |
| wZCkIxEOWypNIJsikfKRbSmf71FGMwdPTa+nZZxmEsth3Q9zik03Skys3dgN8RFz | |
| lpR/gA2p4bpuGKDFIRegsGGAeks2u95xxI9sTk2q7XhFt+xktwMn32JF/ZlRgFEx | |
| w9gWQillv3FZH6wm | |
| -----END CERTIFICATE----- | |
| ECOMMERCE-CIELO | |
| ) > $ecommerce | |
| # Criando um link simbólico para o certificado utilizando seu hash | |
| ln -s $ecommerce $cert_path/`openssl x509 -noout -hash -in $ecommerce`.0 &> /dev/null | |
| # Verificando se o certificado foi instalado corretamente | |
| openssl verify -CApath $cert_path $ecommerce | |
| # Exibindo informações do certificado instalado | |
| openssl x509 -in $ecommerce -text -noout |
@netojoaobatista
Show o script.
Precisa fazer mais algo para instalar? Resetar apache, etc?
Olá Amigo estou com problema retorno XML da Cielo uso CPANEL. Acontece apenas servidores internacional
E possível desativar TLS 1 no Cpanel?
2015-12-05 12:11:05:000000 (BRST)
DO ARQUIVO: /conseld/Cielo/operacoes.php?executaCielo=OK&idPagamento=509&campo=pagCartaoCredito
OPERAÇÃO: Requisicao Tid
RESPOSTA: Operation timed out after 0 milliseconds with 0 out of 0 bytes received
Erros logs
//HTTP READ TIMEOUT - o Limite de Tempo da transação foi estourado
//------------------PHP------------------------------
$sessao_curl = curl_init();
curl_setopt($sessao_curl, CURLOPT_URL, $paEndereco);
curl_setopt($sessao_curl, CURLOPT_FAILONERROR, true);
curl_setopt($sessao_curl, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($sessao_curl, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($sessao_curl, CURLOPT_CAINFO, getcwd() ."/ssl/VeriSignClass3PublicPrimaryCertificationAuthority-G5.crt");
curl_setopt($sessao_curl, CURLOPT_SSLVERSION, 4);
curl_setopt($sessao_curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($sessao_curl, CURLOPT_TIMEOUT, 30);
curl_setopt($sessao_curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($sessao_curl, CURLOPT_POST, true);
curl_setopt($sessao_curl, CURLOPT_POSTFIELDS, $paPost );
curl_exec($sessao_curl);
//Testei - nada também
curl_setopt($sessao_curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
Eu estou tendo o retorno de certificado expirado. Usando apache, ele nao consegue fazer a criptografia das chamadas.
[Wed Jan 17 16:16:42.843147 2018] [mpm_prefork:notice] [pid 31719] AH00169: caught SIGTERM, shutting down
[Wed Jan 17 16:16:43.886591 2018] [ssl:error] [pid 31901] AH02579: Init: Private key not found
[Wed Jan 17 16:16:43.886629 2018] [ssl:error] [pid 31901] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Jan 17 16:16:43.886638 2018] [ssl:error] [pid 31901] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Wed Jan 17 16:16:43.886644 2018] [ssl:error] [pid 31901] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Jan 17 16:16:43.886650 2018] [ssl:error] [pid 31901] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Wed Jan 17 16:16:43.886656 2018] [ssl:error] [pid 31901] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Wed Jan 17 16:16:43.886662 2018] [ssl:error] [pid 31901] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Jan 17 16:16:43.886668 2018] [ssl:error] [pid 31901] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)
[Wed Jan 17 16:16:43.886671 2018] [ssl:emerg] [pid 31901] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Wed Jan 17 16:16:43.886674 2018] [ssl:emerg] [pid 31901] AH02564: Failed to configure encrypted (?) private key seederjobs.com:443:0, check /usr/lib/ssl/certs/intermediaria-cielo.crt
AH00016: Configuration Failed
[Wed Jan 17 16:31:28.442079 2018] [mpm_prefork:notice] [pid 32062] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Wed Jan 17 16:31:28.442148 2018] [core:notice] [pid 32062] AH00094: Command line: '/usr/sbin/apache2'
[Wed Jan 17 16:34:21.833003 2018] [mpm_prefork:notice] [pid 32062] AH00169: caught SIGTERM, shutting down
[Wed Jan 17 16:34:22.870801 2018] [ssl:error] [pid 32138] AH02579: Init: Private key not found
[Wed Jan 17 16:34:22.870841 2018] [ssl:error] [pid 32138] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Jan 17 16:34:22.870849 2018] [ssl:error] [pid 32138] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Wed Jan 17 16:34:22.870854 2018] [ssl:error] [pid 32138] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Jan 17 16:34:22.870859 2018] [ssl:error] [pid 32138] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Wed Jan 17 16:34:22.870865 2018] [ssl:error] [pid 32138] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Wed Jan 17 16:34:22.870870 2018] [ssl:error] [pid 32138] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Wed Jan 17 16:34:22.870875 2018] [ssl:error] [pid 32138] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)
[Wed Jan 17 16:34:22.870879 2018] [ssl:emerg] [pid 32138] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/apache2/error.log for more information
[Wed Jan 17 16:34:22.870881 2018] [ssl:emerg] [pid 32138] AH02564: Failed to configure encrypted (?) private key seederjobs.com:443:0, check /usr/lib/ssl/certs/ecommerce-cielo.crt
AH00016: Configuration Failed
sudo ./cielo.sh
Criando certificado raiz em /usr/lib/ssl/certs/raiz-cielo.crt
/usr/lib/ssl/certs/raiz-cielo.crt: OK
Criando certificado da intermediária em /usr/lib/ssl/certs/intermediaria-cielo.crt
/usr/lib/ssl/certs/intermediaria-cielo.crt: OK
Criando certificado ecommerce da Cielo em /usr/lib/ssl/certs/ecommerce-cielo.crt
/usr/lib/ssl/certs/ecommerce-cielo.crt: jurisdictionC = BR, businessCategory = Private Organization, serialNumber = 01.027.058/0001-91, C = BR, postalCode = 06454050, ST = Sao Paulo, L = Barueri, street = 219 Al Grajau, O = CIELO S.A., OU = Terms of use at www.verisign.com/rpa (c)05, CN = ecommerce.cielo.com.br
error 10 at 0 depth lookup:certificate has expired
sudo a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Module socache_shmcb already enabled
Module ssl already enabled
é necessario alguma alteração para rodar este sh?
`#!/bin/bash
if [ $EUID != 0 ]; then
echo 'Você precisa ser root para instalar certificados.'
exit $?
fi
Diretório onde os certificados serão instalados
cert_path=openssl version -d|sed 's/.*\"\(.*\)\"/\1/g'/certs
Path para o certificado da Cielo
ecommerce=$cert_path/ecommerce-cielo.crt
Path para o certificado da intermediária
intermediaria=$cert_path/intermediaria-cielo.ca
Path para o certificado raiz
raiz=$cert_path/raiz-cielo.crt
Instalação do certificado raiz
echo "Criando certificado raiz em $raiz"
(cat << 'RAIZ-CIELO'
-----BEGIN CERTIFICATE-----
MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl
cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0MloXDTI2MTEyNzIw
NTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw
NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSBy
ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNV
BAMTJEVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBALaVtkNC+sZtKm9I35RMOVcF7sN5EUFo
Nu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYszA9u3g3s+IIRe7bJWKKf4
4LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOwwCj0Yzfv9
KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGI
rb68j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi
94DkZfs0Nw4pgHBNrziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOB
sDCBrTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAi
gA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1MzQyWjAfBgNVHSMEGDAWgBRo
kORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DHhmak8fdLQ/uE
vW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA
A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9t
O1KzKtvn1ISMY/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6Zua
AGAT/3B+XxFNSRuzFVJ7yVTav52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP
9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTSW3iDVuycNsMm4hH2Z0kdkquM++v/
eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0tHuu2guQOHXvgR1m
0vdXcDazv/wor3ElhVsT/h5/WrQ8
-----END CERTIFICATE-----
RAIZ-CIELO
) > $raiz
Criando um link simbólico para o certificado utilizando seu hash
ln -s $raiz $cert_path/openssl x509 -noout -hash -in $raiz.0 &> /dev/null
Verificando se o certificado foi instalado corretamente
openssl verify -CApath $cert_path $raiz
Instalação do certificado da intermediária
echo "Criando certificado da intermediária em $intermediaria"
(cat << 'INTERMEDIARIA-CIELO'
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIMDulMwwAAAABR03eFMA0GCSqGSIb3DQEBCwUAMIG+MQsw
CQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2Vl
IHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMDkg
RW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MTIwMAYDVQQD
EylFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjAeFw0x
NTEwMDUxOTEzNTZaFw0zMDEyMDUxOTQzNTZaMIG6MQswCQYDVQQGEwJVUzEWMBQG
A1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5l
dC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAt
IGZvciBhdXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRp
ZmljYXRpb24gQXV0aG9yaXR5IC0gTDFLMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2j+W0E25L0Tn2zlem1DuXKVh2kFnUwmqAJqOV38pa9vH4SEkqjrQ
jUcj0u1yFvCRIdJdt7hLqIOPt5EyaM/OJZMssn2XyP7BtBe6CZ4DkJN7fEmDImiK
m95HwzGYei59QAvS7z7Tsoyqj0ip/wDoKVgG97aTWpRzJiatWA7lQrjV6nN5ZGhT
JbiEz5R6rgZFDKNrTdDGvuoYpDbwkrK6HIiPOlJ/915tgxyd8B/lw9bdpXiSPbBt
LOrJz5RBGXFEaLpHPATpXbo+8DX3Fbae8i4VHj9HyMg4p3NFXU2wO7GOFyk36t0F
ASK7lDYqjVs1/lMZLwhGwSqzGmIdTivZGwIDAQABo4IBDDCCAQgwDgYDVR0PAQH/
BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsG
AQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAwBgNVHR8EKTAnMCWgI6Ah
hh9odHRwOi8vY3JsLmVudHJ1c3QubmV0L2cyY2EuY3JsMDsGA1UdIAQ0MDIwMAYE
VR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAd
BgNVHQ4EFgQUgqJwdN28Uz/Pe9T3zX+nYMYKTL8wHwYDVR0jBBgwFoAUanImetAe
733nO2lR1GyNn5ASZqswDQYJKoZIhvcNAQELBQADggEBADnVjpiDYcgsY9NwHRkw
y/YJrMxp1cncN0HyMg/vdMNY9ngnCTQIlZIv19+4o/0OgemknNM/TWgrFTEKFcxS
BJPok1DD2bHi4Wi3Ogl08TRYCj93mEC45mj/XeTIRsXsgdfJghhcg85x2Ly/rJkC
k9uUmITSnKa1/ly78EqvIazCP0kkZ9Yujs+szGQVGHLlbHfTUqi53Y2sAEo1GdRv
c6N172tkw+CNgxKhiucOhk3YtCAbvmqljEtoZuMrx1gL+1YQ1JH7HdMxWBCMRON1
exCdtTix9qrKgWRs6PLigVWXUX/hwidQosk8WwBD9lu51aX8/wdQQGcHsFXwt35u
Lcw=
-----END CERTIFICATE-----
INTERMEDIARIA-CIELO
) > $intermediaria
Criando um link simbólico para o certificado utilizando seu hash
ln -s $intermediaria $cert_path/openssl x509 -noout -hash -in $intermediaria.0 &> /dev/null
Verificando se o certificado foi instalado corretamente
openssl verify -CApath $cert_path $intermediaria
Instalação do certificado Cielo
echo "Criando certificado ecommerce da Cielo em $ecommerce"
(cat << 'ECOMMERCE-CIELO'
-----BEGIN CERTIFICATE-----
MIIHZTCCBk2gAwIBAgIRAL7du6n0o80SAAAAAFDhZoAwDQYJKoZIhvcNAQELBQAw
gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs
BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN
MTgwNDAzMTM0NDQ1WhcNMjAwNDAzMTQxNDQ0WjBwMQswCQYDVQQGEwJCUjESMBAG
A1UECBMJU2FvIFBhdWxvMRAwDgYDVQQHEwdCYXJ1ZXJpMRMwEQYDVQQKEwpDSUVM
TyBTLkEuMSYwJAYDVQQDDB0qLmNpZWxvZWNvbW1lcmNlLmNpZWxvLmNvbS5icjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQTiq5AHCWsui3Zp4Y/I0D5
HOkyHHd7eNSDMQlHtBzT/LgAylppfqX0jUL+ZuQG2Ryjip1kSXR6Lt5+mDlTear2
YG3qxEAt6RbNyr+u+FqBW+DPlYOQt0SoMXm8cwb5WLBA7w0cvnDy3xS3r41APqEW
qwhdBXrDS8jZPIeZ93vjV0I/A4EJWP5pS0rUkrfFEnWNUmmeT0cFW+xq+dNX8Y++
KALXEGXsLUhvySD+SEV3ScvxH0QmrfKdWACJ1Nk3IRd8GKtx24NPSszTtoZ33Yw6
0e/OVFYjwytoWKQnlT2leXqa1Ah5Wh1cy1fzmlKqnaqPnvxN3VvXVku+hSKp8UMC
AwEAAaOCA60wggOpMEUGA1UdEQQ+MDyCHSouY2llbG9lY29tbWVyY2UuY2llbG8u
Y29tLmJyghtjaWVsb2Vjb21tZXJjZS5jaWVsby5jb20uYnIwggH4BgorBgEEAdZ5
AgQCBIIB6ASCAeQB4gB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MM
AAABYovcLfUAAAQDAEcwRQIgPM97TrssuPguwuXNltLfKn2ZOTALGl7WiNb2rW13
GkoCIQDsyBCZWBkw7O+esYLXdaf0/UZx4BvtuyfSHODDRheW4wB2ALvZ37wfinG1
k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABYovcLcEAAAQDAEcwRQIhAM1NPdVH
wDGPYB8A0TnCT2Fa6QzCslzidVzU1xf2baQjAiBknTkVSia9KuN4+xRcmsmiF11C
G5hGKl4K9jzB+mJYcAB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQ
AAABYovcLcgAAAQDAEgwRgIhAIQxScdEZkCsuW8o7CMkI01Mox2ztS3xE9Ee+Uem
jpWkAiEA+i18Teu6ubanYwWXLPk6udwbAFfYilsP2SIzXWLQoCgAdwBWFAaaL9fC
7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAWKL3C4fAAAEAwBIMEYCIQDgidOP
NTe65rpnkajQAU76WlEDNn0+zkRGQG4HIGgZGgIhAIW+2wrwWwze5CUhoCGA1Yyd
RnUzSa7Dkr0zU21Usi8vMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRy
dXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAm
BggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQIC
MGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
dC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNo
YWluMjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzAdBgNV
HQ4EFgQUmFmdGzePSxPIAWp95Oa3sbynA6kwCQYDVR0TBAIwADANBgkqhkiG9w0B
AQsFAAOCAQEAfNEtXf8WaSb4ykhdp1z8VCBraGOsaeTvm2To9YmAUB9hBSALzIV5
QhdD855kcss/ZGrkszppaW356MddWPJ39qqqe1jWDATzjg5cB1wzCNJQfvijGw23
BKd60SbihgYG3gNg952qa5n46wskIQQfMR2lLTZXcCpgxUmvRL0zPgciUMhShUoV
HctzFk2H/9Tm0g/xR2ugwStecRR5QKCpLLPIGQIm1e3QMuvlJ+rpacOzVQj9rJR1
FbfQOB8Yl5PMpAH4Zhl/CQA/7nGLRJ2nPjXwP9K4Un14SJZZ2YwHjEOReQ5kf0if
TxhuhMhrG/LflVvPwJuUPDpJGWVFHnJQcQ==
-----END CERTIFICATE-----
ECOMMERCE-CIELO
) > $ecommerce
Criando um link simbólico para o certificado utilizando seu hash
ln -s $ecommerce $cert_path/openssl x509 -noout -hash -in $ecommerce.0 &> /dev/null
Verificando se o certificado foi instalado corretamente
openssl verify -CApath $cert_path $ecommerce
`
Os certificados da Cielo foram atualizado, baixem os 3 certificados e alterem pelo do script que dá certo:
https://developercielo.github.io/manual/cielo-ecommerce
BONUS
Para validar se o certificado está ok no servidor, rode:
openssl s_client -connect apisandbox.cieloecommerce.cielo.com.br:443 -servername -tls1
@msjunior007 - Estou tentando realizar o procedimento, porém sem sucesso meu cliente ainda usa a versão 1.5 do checkout. Fizemos a alteração e colocamos no CURL do PHP o novo crt e nada resolve.
Estou com o mesmo problema estou usando a 1.5 e parou de responder já fiz a instalação dos novos certificados
Código do erro: 99 Mensagem: HTTP READ TIMEOUT - o Limite de Tempo da transação foi estourado
@globsecure Conseguiu achar uma solução ?
Pessoal, consegui achar uma solução após a instalação dos 3 certificados conforme o msjunior007 colocou, caso use PHP altere a requisição do curl com os comandos abaixo:
curl_setopt($sessao_curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($sessao_curl, CURLOPT_SSLVERSION, 6);
curl_setopt($sessao_curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
Pessoal, bom dia!
Ele estava com esse problema agora a pouco, e resolvi apenas alterando as linhas abaixo:
curl_setopt($sessao_curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($sessao_curl, CURLOPT_SSLVERSION, 6);
Na verdade eu alterei apenas o "CURLOPT_SSL_VERIFYPEER" para ele não verificar a validade do certificado, e rolou. A CURLOPT_SSLVERSION eu já havia atualizado desde que a Cielo desabilitou o suporte a tls 1.1.
Abs!
Boa Tarde,
Obrigado aos que postaram a solução me ajudaram muito, estava com o sistema parado.
Para quem utiliza o PHP com versão abaixo da 5.6, precisa atualizar pois não existe a variável CURL_SSLVERSION_TLSv1_2 nas versões anteriores. O Apache estou utilizando a versão 2.2 e foi sem problemas.
Uma dúvida, @msjunior007 aonde você conseguiu estes certificados, até no site da Cielo está diferente.
Olá pessoal,
Desculpa a demora, eu não tinha visto que tinha algumas dúvidas.
@rrooliveira, peguei no link que havia passado acima, este: https://developercielo.github.io/manual/cielo-ecommerce
Abraços.
@msjunior007
o meu retornou assim significa que foi instalado corretamente? não vi nenhuma mensagem de erro
openssl s_client -connect apisandbox.cieloecommerce.cielo.com.br:443 -servername -tls1
CONNECTED(00000005)
depth=2 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2
verify return:1
depth=1 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
verify return:1
depth=0 C = BR, ST = Sao Paulo, L = Barueri, O = CIELO S.A., CN = *.cieloecommerce.cielo.com.br
verify return:1
Certificate chain
0 s:C = BR, ST = Sao Paulo, L = Barueri, O = CIELO S.A., CN = *.cieloecommerce.cielo.com.br
i:C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
1 s:C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
i:C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2
Server certificate
-----BEGIN CERTIFICATE-----
MIIHZTCCBk2gAwIBAgIRAL7du6n0o80SAAAAAFDhZoAwDQYJKoZIhvcNAQELBQAw
gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs
BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN
MTgwNDAzMTM0NDQ1WhcNMjAwNDAzMTQxNDQ0WjBwMQswCQYDVQQGEwJCUjESMBAG
A1UECBMJU2FvIFBhdWxvMRAwDgYDVQQHEwdCYXJ1ZXJpMRMwEQYDVQQKEwpDSUVM
TyBTLkEuMSYwJAYDVQQDDB0qLmNpZWxvZWNvbW1lcmNlLmNpZWxvLmNvbS5icjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQTiq5AHCWsui3Zp4Y/I0D5
HOkyHHd7eNSDMQlHtBzT/LgAylppfqX0jUL+ZuQG2Ryjip1kSXR6Lt5+mDlTear2
YG3qxEAt6RbNyr+u+FqBW+DPlYOQt0SoMXm8cwb5WLBA7w0cvnDy3xS3r41APqEW
qwhdBXrDS8jZPIeZ93vjV0I/A4EJWP5pS0rUkrfFEnWNUmmeT0cFW+xq+dNX8Y++
KALXEGXsLUhvySD+SEV3ScvxH0QmrfKdWACJ1Nk3IRd8GKtx24NPSszTtoZ33Yw6
0e/OVFYjwytoWKQnlT2leXqa1Ah5Wh1cy1fzmlKqnaqPnvxN3VvXVku+hSKp8UMC
AwEAAaOCA60wggOpMEUGA1UdEQQ+MDyCHSouY2llbG9lY29tbWVyY2UuY2llbG8u
Y29tLmJyghtjaWVsb2Vjb21tZXJjZS5jaWVsby5jb20uYnIwggH4BgorBgEEAdZ5
AgQCBIIB6ASCAeQB4gB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MM
AAABYovcLfUAAAQDAEcwRQIgPM97TrssuPguwuXNltLfKn2ZOTALGl7WiNb2rW13
GkoCIQDsyBCZWBkw7O+esYLXdaf0/UZx4BvtuyfSHODDRheW4wB2ALvZ37wfinG1
k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABYovcLcEAAAQDAEcwRQIhAM1NPdVH
wDGPYB8A0TnCT2Fa6QzCslzidVzU1xf2baQjAiBknTkVSia9KuN4+xRcmsmiF11C
G5hGKl4K9jzB+mJYcAB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQ
AAABYovcLcgAAAQDAEgwRgIhAIQxScdEZkCsuW8o7CMkI01Mox2ztS3xE9Ee+Uem
jpWkAiEA+i18Teu6ubanYwWXLPk6udwbAFfYilsP2SIzXWLQoCgAdwBWFAaaL9fC
7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAWKL3C4fAAAEAwBIMEYCIQDgidOP
NTe65rpnkajQAU76WlEDNn0+zkRGQG4HIGgZGgIhAIW+2wrwWwze5CUhoCGA1Yyd
RnUzSa7Dkr0zU21Usi8vMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRy
dXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAm
BggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQIC
MGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
dC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNo
YWluMjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzAdBgNV
HQ4EFgQUmFmdGzePSxPIAWp95Oa3sbynA6kwCQYDVR0TBAIwADANBgkqhkiG9w0B
AQsFAAOCAQEAfNEtXf8WaSb4ykhdp1z8VCBraGOsaeTvm2To9YmAUB9hBSALzIV5
QhdD855kcss/ZGrkszppaW356MddWPJ39qqqe1jWDATzjg5cB1wzCNJQfvijGw23
BKd60SbihgYG3gNg952qa5n46wskIQQfMR2lLTZXcCpgxUmvRL0zPgciUMhShUoV
HctzFk2H/9Tm0g/xR2ugwStecRR5QKCpLLPIGQIm1e3QMuvlJ+rpacOzVQj9rJR1
FbfQOB8Yl5PMpAH4Zhl/CQA/7nGLRJ2nPjXwP9K4Un14SJZZ2YwHjEOReQ5kf0if
TxhuhMhrG/LflVvPwJuUPDpJGWVFHnJQcQ==
-----END CERTIFICATE-----
subject=C = BR, ST = Sao Paulo, L = Barueri, O = CIELO S.A., CN = *.cieloecommerce.cielo.com.br
issuer=C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
No client certificate CA names sent
Peer signing digest: SHA1
Peer signature type: RSA
Server Temp Key: X25519, 253 bits
SSL handshake has read 3653 bytes and written 400 bytes
Verification: OK
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: C12B00006FF085C35DF019AF5747F694342297D1D7108CEFE0D3E2DA2D6582B6
Session-ID-ctx:
Master-Key: 05DAE276DF7DAAAA919BF3BFD29796C00B4E917500479973ACF32CC184EDE78A2CF49C2FFF0784EF227CB9DDD1A1EFD2
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1545021361
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
read:errno=104
e depois de fazer isso tudo precisa fazer algo como reset apache? e os certificados EV não fazem a ult ficar verde? no meu não houve nenhuma diferença só está o https normal de sempre
Opa,
você esta tendo problemas em utilizar o curl ? (versao SSL 3 desabilitada e a TLS 1 sendo ignorada pelo curl)?
estou testando com perl -MDDP -MLWP::UserAgent -E 'my $ua = LWP::UserAgent->new;$ua->ssl_opts( verify_hostnames => 1, SSL_version =>q{tlsv1}); my $res = $ua->post(q{https://ecommerce.cbmp.com.br/servicos/ecommwsec.do}); p($res)'; mas de vez em quando caio em um servidor (deles) que recusa o tlsv1