2

PHP代码验证是否包含CA证书

如果无法通过验证,请点击连接查看官方操作,安装相应的ca证书即可
# test_wechat_ca.php
<?php
$data = array('mch_id' => '商户id', 'nonce_str' => md5(time()));
$postData = $data + ['sign'=>strtoupper(md5(http_build_query($data) . "&key=你的密钥"))];
$xml = '<xml>';
foreach ($postData as $k => $v) {
    $xml .= '<' . $k .'><![CDATA[' . $v . ']]></' . $k .'>';
}
$xml .= '</xml>';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://apitest.mch.weixin.qq.com/sandboxnew/pay/getsignkey');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_HEADER,0);

$content  = curl_exec($ch);
curl_close($ch);

$toXml = simplexml_load_string($content, 'SimpleXMLElement', LIBXML_NOCDATA);
$arrXml = (array)$toXml;

if ($arrXml['return_code'] == 'SUCCESS') {
    die('你的服务器通过微信支付HTTPS服务器证书验证');
}
if ($arrXml['return_code'] == 'FAIL') {
    die("你的服务器无法通过验证:" . $arrXml['return_msg'] . ";" . "<a hre='https://pay.weixin.qq.com/wiki/doc/api/micropay.php?chapter=23_4'>点我查看如何安装微信要求的根CA证书</a>");
}

?>

命令确认是否包含CA证书

openssl s_client -connect api.mch.weixin.qq.com:443  -verify_return_error

正常的输出为:


depth=3 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root

verify return:1

depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA

verify return:1

depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = GeoTrust RSA CA 2018

verify return:1

depth=0 C = CN, L = Shenzhen, O = Tencent Technology (Shenzhen) Company Limited, OU = R&D, CN = payapp.weixin.qq.com

verify return:1

CONNECTED(00000003)

---
# 注意上方的即可

Certificate chain

 0 s:/C=CN/L=Shenzhen/O=Tencent Technology (Shenzhen) Company Limited/OU=R&D/CN=payapp.weixin.qq.com

   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018

 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018

   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA

 2 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA

   i:/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root

安装根证书

clipboard.png


Object
2.8k 声望235 粉丝

域名代售,需要私信