PHP代码验证是否包含CA证书
如果无法通过验证,请点击连接查看官方操作,安装相应的ca证书即可
# test_wechat_ca.php
<?php
$data = array('mch_id' => '商户id', 'nonce_str' => md5(time()));
$postData = $data + ['sign'=>strtoupper(md5(http_build_query($data) . "&key=你的密钥"))];
$xml = '<xml>';
foreach ($postData as $k => $v) {
$xml .= '<' . $k .'><![CDATA[' . $v . ']]></' . $k .'>';
}
$xml .= '</xml>';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://apitest.mch.weixin.qq.com/sandboxnew/pay/getsignkey');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_HEADER,0);
$content = curl_exec($ch);
curl_close($ch);
$toXml = simplexml_load_string($content, 'SimpleXMLElement', LIBXML_NOCDATA);
$arrXml = (array)$toXml;
if ($arrXml['return_code'] == 'SUCCESS') {
die('你的服务器通过微信支付HTTPS服务器证书验证');
}
if ($arrXml['return_code'] == 'FAIL') {
die("你的服务器无法通过验证:" . $arrXml['return_msg'] . ";" . "<a hre='https://pay.weixin.qq.com/wiki/doc/api/micropay.php?chapter=23_4'>点我查看如何安装微信要求的根CA证书</a>");
}
?>
命令确认是否包含CA证书
openssl s_client -connect api.mch.weixin.qq.com:443 -verify_return_error
正常的输出为:
depth=3 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
verify return:1
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = GeoTrust RSA CA 2018
verify return:1
depth=0 C = CN, L = Shenzhen, O = Tencent Technology (Shenzhen) Company Limited, OU = R&D, CN = payapp.weixin.qq.com
verify return:1
CONNECTED(00000003)
---
# 注意上方的即可
Certificate chain
0 s:/C=CN/L=Shenzhen/O=Tencent Technology (Shenzhen) Company Limited/OU=R&D/CN=payapp.weixin.qq.com
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018
1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
2 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
i:/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
安装根证书
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用
。你还可以使用@
来通知其他用户。