-
-
Save netojoaobatista/ea21a6dd8988245884fd to your computer and use it in GitHub Desktop.
| #!/bin/bash | |
| if [ $EUID != 0 ]; then | |
| echo 'Você precisa ser root para instalar certificados.' | |
| exit $? | |
| fi | |
| # Diretório onde os certificados serão instalados | |
| cert_path=`openssl version -d|sed 's/.*\"\(.*\)\"/\1/g'`/certs | |
| # Path para o certificado da Cielo | |
| ecommerce=$cert_path/ecommerce-cielo.crt | |
| # Path para o certificado da intermediária | |
| intermediaria=$cert_path/intermediaria-cielo.crt | |
| # Path para o certificado raiz | |
| raiz=$cert_path/raiz-cielo.crt | |
| # Instalação do certificado raiz | |
| echo "Criando certificado raiz em $raiz" | |
| (cat << 'RAIZ-CIELO' | |
| -----BEGIN CERTIFICATE----- | |
| MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB | |
| yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL | |
| ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp | |
| U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW | |
| ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 | |
| aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL | |
| MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW | |
| ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln | |
| biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp | |
| U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y | |
| aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1 | |
| nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex | |
| t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz | |
| SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG | |
| BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+ | |
| rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/ | |
| NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E | |
| BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH | |
| BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy | |
| aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv | |
| MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE | |
| p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y | |
| 5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK | |
| WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ | |
| 4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N | |
| hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq | |
| -----END CERTIFICATE----- | |
| RAIZ-CIELO | |
| ) > $raiz | |
| # Criando um link simbólico para o certificado utilizando seu hash | |
| ln -s $raiz $cert_path/`openssl x509 -noout -hash -in $raiz`.0 &> /dev/null | |
| # Verificando se o certificado foi instalado corretamente | |
| openssl verify -CApath $cert_path $raiz | |
| # Instalação do certificado da intermediária | |
| echo "Criando certificado da intermediária em $intermediaria" | |
| (cat << 'INTERMEDIARIA-CIELO' | |
| -----BEGIN CERTIFICATE----- | |
| MIIFKzCCBBOgAwIBAgIQfuFKb2/v8tN/P61lTTratDANBgkqhkiG9w0BAQsFADCB | |
| yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL | |
| ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp | |
| U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW | |
| ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 | |
| aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB3MQsw | |
| CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV | |
| BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVjIENs | |
| YXNzIDMgRVYgU1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK | |
| AoIBAQDYoWV0I+grZOIy1zM3PY71NBZI3U9/hxz4RCMTjvsR2ERaGHGOYBYmkpv9 | |
| FwvhcXBC/r/6HMCqo6e1cej/GIP23xAKE2LIPZyn3i4/DNkd5y77Ks7Imn+Hv9hM | |
| BBUyydHMlXGgTihPhNk1++OGb5RT5nKKY2cuvmn2926OnGAE6yn6xEdC0niY4+wL | |
| pZLct5q9gGQrOHw4CVtm9i2VeoayNC6FnpAOX7ddpFFyRnATv2fytqdNFB5suVPu | |
| IxpOjUhVQ0GxiXVqQCjFfd3SbtICGS97JJRL6/EaqZvjI5rq+jOrCiy39GAI3Z8c | |
| zd0tAWaAr7MvKR0juIrhoXAHDDQPAgMBAAGjggFdMIIBWTAvBggrBgEFBQcBAQQj | |
| MCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wEgYDVR0TAQH/BAgw | |
| BgEB/wIBADBlBgNVHSAEXjBcMFoGBFUdIAAwUjAmBggrBgEFBQcCARYaaHR0cDov | |
| L3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYIKwYBBQUHAgIwHBoaaHR0cDovL3d3dy5z | |
| eW1hdXRoLmNvbS9ycGEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3MxLnN5bWNi | |
| LmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwx | |
| GjAYBgNVBAMTEVN5bWFudGVjUEtJLTEtNTMzMB0GA1UdDgQWBBQBWavn3ToLWaZk | |
| Y9bPIAdX1ZHnajAfBgNVHSMEGDAWgBR/02Wnwt3su/AwCfNDOfoCrzMxMzANBgkq | |
| hkiG9w0BAQsFAAOCAQEAQgFVe9AWGl1Y6LubqE3X89frE5SG1n8hC0e8V5uSXU8F | |
| nzikEHzPg74GQ0aNCLxq1xCm+quvL2GoY/Jl339MiBKIT7Np2f8nwAqXkY9W+4nE | |
| qLuSLRtzsMarNvSWbCAI7woeZiRFT2cAQMgHVHQzO6atuyOfZu2iRHA0+w7qAf3P | |
| eHTfp61Vt19N9tY/4IbOJMdCqRMURDVLtt/JYKwMf9mTIUvunORJApjTYHtcvNUw | |
| LwfORELEC5n+5p/8sHiGUW3RLJ3GlvuFgrsEL/digO9i2n/2DqyQuFa9eT/ygG6j | |
| 2bkPXToHHZGThkspTOHcteHgM52zyzaRS/6htO7w+Q== | |
| -----END CERTIFICATE----- | |
| INTERMEDIARIA-CIELO | |
| ) > $intermediaria | |
| # Criando um link simbólico para o certificado utilizando seu hash | |
| ln -s $intermediaria $cert_path/`openssl x509 -noout -hash -in $intermediaria`.0 &> /dev/null | |
| # Verificando se o certificado foi instalado corretamente | |
| openssl verify -CApath $cert_path $intermediaria | |
| # Instalação do certificado Cielo | |
| echo "Criando certificado ecommerce da Cielo em $ecommerce" | |
| (cat << 'ECOMMERCE-CIELO' | |
| -----BEGIN CERTIFICATE----- | |
| MIIGmDCCBYCgAwIBAgIQPDxPqKXUhELIzHCju7K71DANBgkqhkiG9w0BAQsFADB3 | |
| MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd | |
| BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVj | |
| IENsYXNzIDMgRVYgU1NMIENBIC0gRzMwHhcNMTUwMTE0MDAwMDAwWhcNMTYwMTE0 | |
| MjM1OTU5WjCCARoxEzARBgsrBgEEAYI3PAIBAxMCQlIxHTAbBgNVBA8TFFByaXZh | |
| dGUgT3JnYW5pemF0aW9uMRswGQYDVQQFExIwMS4wMjcuMDU4LzAwMDEtOTExCzAJ | |
| BgNVBAYTAkJSMREwDwYDVQQRDAgwNjQ1NDA1MDESMBAGA1UECAwJU2FvIFBhdWxv | |
| MRAwDgYDVQQHDAdCYXJ1ZXJpMRYwFAYDVQQJDA0yMTkgQWwgR3JhamF1MRMwEQYD | |
| VQQKDApDSUVMTyBTLkEuMTMwMQYDVQQLDCpUZXJtcyBvZiB1c2UgYXQgd3d3LnZl | |
| cmlzaWduLmNvbS9ycGEgKGMpMDUxHzAdBgNVBAMMFmVjb21tZXJjZS5jaWVsby5j | |
| b20uYnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+93ljI0eXq17a | |
| ZzGhb7z19R6z04jbF6UTFy3pEauwW2HYRMl59AgIa/qt/g4j84BB5EE5mEn7XP2Q | |
| WTtIWFD81O6pEB9z7ep06zH4QbROA3yVItYt6P+OE7e7/d+jOUSmCf7hLs7J1fGa | |
| MCiM4533TPuJzWENS4bI5baw8OjkOSXfSyT31lj8UW2uNNVxR1ZXWjqrpAV3Gtqk | |
| vo5uFh+LwjSJbYAGUkNf6n3dB2J+u/Xu/05JBhoWIQVbE936x0XTRd/p/geZ2FrI | |
| BiMESzJ8yCyejyI78dryhPSspJRVmDrIVuDIUBKXbADpjwN3/EylOLQBkp/srvGG | |
| gDF5YMbbAgMBAAGjggJ5MIICdTAhBgNVHREEGjAYghZlY29tbWVyY2UuY2llbG8u | |
| Y29tLmJyMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG | |
| AQUFBwMBBggrBgEFBQcDAjBmBgNVHSAEXzBdMFsGC2CGSAGG+EUBBxcGMEwwIwYI | |
| KwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBka | |
| F2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMB8GA1UdIwQYMBaAFAFZq+fdOgtZpmRj | |
| 1s8gB1fVkedqMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9zci5zeW1jYi5jb20v | |
| c3IuY3JsMFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL3NyLnN5 | |
| bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL3NyLnN5bWNiLmNvbS9zci5jcnQw | |
| ggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb | |
| 37jjd80OyA3cEAAAAUrpTlA+AAAEAwBHMEUCIQDe1FOthL8+YC9Yofv8lg3odSsT | |
| lUIH0gtjfP0HZumaFAIgVxbg76c6I0gIrb6x3w4R1yrBucLrq7S8tYKMBCdmFPkA | |
| dwBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAUrpTlLHAAAEAwBI | |
| MEYCIQCepIN3rz1UPIBCpU5g79SqNaQupsEsOvkkCRhxC4V5TgIhAPaBrevy0Q+4 | |
| LEb0P7f9eI2fGJMbIoQmsaOlKvycn2FpMA0GCSqGSIb3DQEBCwUAA4IBAQCDOHIx | |
| Ic2NktxNi5nBgxHzXJvBV0OXkCF2nVJg1zL1Vv/QUnam3lMm/uDL4jv9OzjDkm9I | |
| vSFgTDqaOXFkDRc8QfzsPiZvweLtHLJhEMcRLoUan/kHLxxV7mM/YOuMim/39dcj | |
| hV9J9xZZRX2kQ/tT/kE1z8IyQ2FaWwSvjQqj6nneRys1VhNMmzxsfNR24zvNZn1n | |
| wZCkIxEOWypNIJsikfKRbSmf71FGMwdPTa+nZZxmEsth3Q9zik03Skys3dgN8RFz | |
| lpR/gA2p4bpuGKDFIRegsGGAeks2u95xxI9sTk2q7XhFt+xktwMn32JF/ZlRgFEx | |
| w9gWQillv3FZH6wm | |
| -----END CERTIFICATE----- | |
| ECOMMERCE-CIELO | |
| ) > $ecommerce | |
| # Criando um link simbólico para o certificado utilizando seu hash | |
| ln -s $ecommerce $cert_path/`openssl x509 -noout -hash -in $ecommerce`.0 &> /dev/null | |
| # Verificando se o certificado foi instalado corretamente | |
| openssl verify -CApath $cert_path $ecommerce | |
| # Exibindo informações do certificado instalado | |
| openssl x509 -in $ecommerce -text -noout |
@msjunior007 - Estou tentando realizar o procedimento, porém sem sucesso meu cliente ainda usa a versão 1.5 do checkout. Fizemos a alteração e colocamos no CURL do PHP o novo crt e nada resolve.
Estou com o mesmo problema estou usando a 1.5 e parou de responder já fiz a instalação dos novos certificados
Código do erro: 99 Mensagem: HTTP READ TIMEOUT - o Limite de Tempo da transação foi estourado
@globsecure Conseguiu achar uma solução ?
Pessoal, consegui achar uma solução após a instalação dos 3 certificados conforme o msjunior007 colocou, caso use PHP altere a requisição do curl com os comandos abaixo:
curl_setopt($sessao_curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($sessao_curl, CURLOPT_SSLVERSION, 6);
curl_setopt($sessao_curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
Pessoal, bom dia!
Ele estava com esse problema agora a pouco, e resolvi apenas alterando as linhas abaixo:
curl_setopt($sessao_curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($sessao_curl, CURLOPT_SSLVERSION, 6);
Na verdade eu alterei apenas o "CURLOPT_SSL_VERIFYPEER" para ele não verificar a validade do certificado, e rolou. A CURLOPT_SSLVERSION eu já havia atualizado desde que a Cielo desabilitou o suporte a tls 1.1.
Abs!
Boa Tarde,
Obrigado aos que postaram a solução me ajudaram muito, estava com o sistema parado.
Para quem utiliza o PHP com versão abaixo da 5.6, precisa atualizar pois não existe a variável CURL_SSLVERSION_TLSv1_2 nas versões anteriores. O Apache estou utilizando a versão 2.2 e foi sem problemas.
Uma dúvida, @msjunior007 aonde você conseguiu estes certificados, até no site da Cielo está diferente.
Olá pessoal,
Desculpa a demora, eu não tinha visto que tinha algumas dúvidas.
@rrooliveira, peguei no link que havia passado acima, este: https://developercielo.github.io/manual/cielo-ecommerce
Abraços.
@msjunior007
o meu retornou assim significa que foi instalado corretamente? não vi nenhuma mensagem de erro
openssl s_client -connect apisandbox.cieloecommerce.cielo.com.br:443 -servername -tls1
CONNECTED(00000005)
depth=2 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2
verify return:1
depth=1 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
verify return:1
depth=0 C = BR, ST = Sao Paulo, L = Barueri, O = CIELO S.A., CN = *.cieloecommerce.cielo.com.br
verify return:1
Certificate chain
0 s:C = BR, ST = Sao Paulo, L = Barueri, O = CIELO S.A., CN = *.cieloecommerce.cielo.com.br
i:C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
1 s:C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
i:C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2
Server certificate
-----BEGIN CERTIFICATE-----
MIIHZTCCBk2gAwIBAgIRAL7du6n0o80SAAAAAFDhZoAwDQYJKoZIhvcNAQELBQAw
gboxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
MjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAs
BgNVBAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUswHhcN
MTgwNDAzMTM0NDQ1WhcNMjAwNDAzMTQxNDQ0WjBwMQswCQYDVQQGEwJCUjESMBAG
A1UECBMJU2FvIFBhdWxvMRAwDgYDVQQHEwdCYXJ1ZXJpMRMwEQYDVQQKEwpDSUVM
TyBTLkEuMSYwJAYDVQQDDB0qLmNpZWxvZWNvbW1lcmNlLmNpZWxvLmNvbS5icjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQTiq5AHCWsui3Zp4Y/I0D5
HOkyHHd7eNSDMQlHtBzT/LgAylppfqX0jUL+ZuQG2Ryjip1kSXR6Lt5+mDlTear2
YG3qxEAt6RbNyr+u+FqBW+DPlYOQt0SoMXm8cwb5WLBA7w0cvnDy3xS3r41APqEW
qwhdBXrDS8jZPIeZ93vjV0I/A4EJWP5pS0rUkrfFEnWNUmmeT0cFW+xq+dNX8Y++
KALXEGXsLUhvySD+SEV3ScvxH0QmrfKdWACJ1Nk3IRd8GKtx24NPSszTtoZ33Yw6
0e/OVFYjwytoWKQnlT2leXqa1Ah5Wh1cy1fzmlKqnaqPnvxN3VvXVku+hSKp8UMC
AwEAAaOCA60wggOpMEUGA1UdEQQ+MDyCHSouY2llbG9lY29tbWVyY2UuY2llbG8u
Y29tLmJyghtjaWVsb2Vjb21tZXJjZS5jaWVsby5jb20uYnIwggH4BgorBgEEAdZ5
AgQCBIIB6ASCAeQB4gB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MM
AAABYovcLfUAAAQDAEcwRQIgPM97TrssuPguwuXNltLfKn2ZOTALGl7WiNb2rW13
GkoCIQDsyBCZWBkw7O+esYLXdaf0/UZx4BvtuyfSHODDRheW4wB2ALvZ37wfinG1
k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABYovcLcEAAAQDAEcwRQIhAM1NPdVH
wDGPYB8A0TnCT2Fa6QzCslzidVzU1xf2baQjAiBknTkVSia9KuN4+xRcmsmiF11C
G5hGKl4K9jzB+mJYcAB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQ
AAABYovcLcgAAAQDAEgwRgIhAIQxScdEZkCsuW8o7CMkI01Mox2ztS3xE9Ee+Uem
jpWkAiEA+i18Teu6ubanYwWXLPk6udwbAFfYilsP2SIzXWLQoCgAdwBWFAaaL9fC
7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAWKL3C4fAAAEAwBIMEYCIQDgidOP
NTe65rpnkajQAU76WlEDNn0+zkRGQG4HIGgZGgIhAIW+2wrwWwze5CUhoCGA1Yyd
RnUzSa7Dkr0zU21Usi8vMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRy
dXN0Lm5ldC9sZXZlbDFrLmNybDBLBgNVHSAERDBCMDYGCmCGSAGG+mwKAQUwKDAm
BggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQIC
MGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
dC5uZXQwMwYIKwYBBQUHMAKGJ2h0dHA6Ly9haWEuZW50cnVzdC5uZXQvbDFrLWNo
YWluMjU2LmNlcjAfBgNVHSMEGDAWgBSConB03bxTP8971PfNf6dgxgpMvzAdBgNV
HQ4EFgQUmFmdGzePSxPIAWp95Oa3sbynA6kwCQYDVR0TBAIwADANBgkqhkiG9w0B
AQsFAAOCAQEAfNEtXf8WaSb4ykhdp1z8VCBraGOsaeTvm2To9YmAUB9hBSALzIV5
QhdD855kcss/ZGrkszppaW356MddWPJ39qqqe1jWDATzjg5cB1wzCNJQfvijGw23
BKd60SbihgYG3gNg952qa5n46wskIQQfMR2lLTZXcCpgxUmvRL0zPgciUMhShUoV
HctzFk2H/9Tm0g/xR2ugwStecRR5QKCpLLPIGQIm1e3QMuvlJ+rpacOzVQj9rJR1
FbfQOB8Yl5PMpAH4Zhl/CQA/7nGLRJ2nPjXwP9K4Un14SJZZ2YwHjEOReQ5kf0if
TxhuhMhrG/LflVvPwJuUPDpJGWVFHnJQcQ==
-----END CERTIFICATE-----
subject=C = BR, ST = Sao Paulo, L = Barueri, O = CIELO S.A., CN = *.cieloecommerce.cielo.com.br
issuer=C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
No client certificate CA names sent
Peer signing digest: SHA1
Peer signature type: RSA
Server Temp Key: X25519, 253 bits
SSL handshake has read 3653 bytes and written 400 bytes
Verification: OK
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: C12B00006FF085C35DF019AF5747F694342297D1D7108CEFE0D3E2DA2D6582B6
Session-ID-ctx:
Master-Key: 05DAE276DF7DAAAA919BF3BFD29796C00B4E917500479973ACF32CC184EDE78A2CF49C2FFF0784EF227CB9DDD1A1EFD2
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1545021361
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
read:errno=104
e depois de fazer isso tudo precisa fazer algo como reset apache? e os certificados EV não fazem a ult ficar verde? no meu não houve nenhuma diferença só está o https normal de sempre
Os certificados da Cielo foram atualizado, baixem os 3 certificados e alterem pelo do script que dá certo:
https://developercielo.github.io/manual/cielo-ecommerce
BONUS
Para validar se o certificado está ok no servidor, rode:
openssl s_client -connect apisandbox.cieloecommerce.cielo.com.br:443 -servername -tls1