Hi Tim, That error you are getting is often thrown when curl tries to verify the remote host. You can bypass this check in PHP using: curl_setopt($link, CURLOPT_SSL_VERIFYPEER, FALSE); BUT this isn't ideal as it only hides the problem on your server.
Instead, what you need to do is check the permissions on your server in the certificates folder. Reading the error message you get it implies your certificate folder is: /etc/ssl/certs/ca-certificates.crt We can't help specifically on how to do this for your environment but your hosting provider should be able to help you. Hope that helps, Matt On Jun 21, 11:59 am, Taylor Singletary <taylorsinglet...@twitter.com> wrote: > Hi Tim, > > That sounds like your machine might be having some issues connecting via > SSL. Are you able to use Curl for any other SSL-based sites? > > Taylor > > On Mon, Jun 21, 2010 at 11:57 AM, Tim Millwood > <t...@millwoodonline.co.uk>wrote: > > > > > Tried using Curl instead of drupal_http_request and got the following > > error. > > > "error setting certificate verify locations:\n CAfile: \/etc\/ssl\/ > > certs\/ca-certificates.crt\n CApath: none\n" > > > Not sure what that means > > > On Jun 21, 4:40 pm, Tim Millwood <t...@millwoodonline.co.uk> wrote: > > > I have a test air app that posts to Twitpic perfectly fine using oAuth > > > Echo, if I change the URL to my web app I get 401. > > > > Here are the headers I am passing to twitter to verify credentials. Am > > > I missing some? > > > > [HTTP_X_AUTH_SERVICE_PROVIDER] => > >https://api.twitter.com/1/account/verify_credentials.json > > > > [Authorization] => OAuth > > > realm="twitter",oauth_consumer_key="t94eBtc4Pz2zqo4KhABseQ",oauth_token="62 > > 66632- > > > e0NRaGReqpzR84Floyg565BMJbBH4lYMxsJD9LNZY",oauth_version="1.0",oauth_timest > > amp="1276986312",oauth_nonce="KhWw0N",oauth_signature_method="HMAC- > > > SHA1",oauth_signature="ubKN3OQy8xC5Sdkn%2BD%2Bcq9c1ywY%3D" > > > > Tim > > > > On Jun 21, 4:28 pm, Taylor Singletary <taylorsinglet...@twitter.com> > > > wrote: > > > > > Awesome. There's much untapped potential in OAuth Echo beyond just the > > > > TwitPic, yFrog, etc. use cases. > > > > > This is an area where you're going to have to be very exacting. Have > > you > > > > confirmed that the request you are building would actually execute > > against > > > > Twitter correctly before you've sent it through your process? As in, > > have > > > > you verified that the HTTP Authorization header you've created will > > work > > > > against the end point before you've stuffed it into some other header, > > > > processed the request, etc. > > > > > Can you share the authorization header you are using and how you've > > defined > > > > the OAuth Echo headers? Your signature base string for the same? > > > > > Taylor > > > > > On Mon, Jun 21, 2010 at 8:06 AM, Tim Millwood < > > t...@millwoodonline.co.uk>wrote: > > > > > > I am trying to do something else. > > > > > > I am not trying post to twitpic, I am trying to post to my own web > > app > > > > > (similar to twitpic). > > > > > > I am getting the HTTP_X_AUTH_SERVICE_PROVIDER and > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION headers from the test app, > > > > > then my web app is renaming the > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION header to Authorization and > > > > > POSTing both to the URL in HTTP_X_AUTH_SERVICE_PROVIDER. > > > > > This returns the 401 error. > > > > > > On Jun 21, 3:11 pm, Taylor Singletary <taylorsinglet...@twitter.com> > > > > > wrote: > > > > > > Hi Tim, > > > > > > > The call specified in your HTTP_X_* headers is for the OAuth Echo > > > > > provider > > > > > > to execute against the API. Since they execute the call, it > > invalidates > > > > > the > > > > > > oauth_nonce you provided. Really, it's a different API call that > > your > > > > > > application should be executing following an OAuth Echo > > transaction.. > > > > > > > 1. You've got something to post with TwitPic > > > > > > 2. You setup a mock request to Twitter to verify credentials so > > that > > > > > TwitPic > > > > > > can identify your user with Twitter > > > > > > 3. You send that mock request in HTTP_X_* headers to Twitpic, along > > with > > > > > > your API request to Twitpic with the image > > > > > > 4. TwitPic executes the Twitter API call specified in the HTTP_X_* > > > > > headers, > > > > > > verifying the user > > > > > > 5. On success, TwitPic sends you in its response information about > > the > > > > > media > > > > > > you just uploaded on behalf of your user > > > > > > 6. You take that response and append it to a tweet, or whatever > > other API > > > > > > operation you're doing, and send a brand new request to Twitter > > > > > > > Is this the flow you're following or are you trying to do something > > else? > > > > > > > Taylor > > > > > > > On Sat, Jun 19, 2010 at 12:40 PM, Tim Millwood < > > > > > t...@millwoodonline.co.uk>wrote: > > > > > > > > So... I now have a test app which is sending oAuth Echo request > > > > > > > successfully to Twitpic. > > > > > > > > If I change the URL to my web app I get a 401 error back from > > Twitter, > > > > > > > so there is something I am doing wrong. > > > > > > > > I am getting the HTTP_X_AUTH_SERVICE_PROVIDER and > > > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION headers from the test > > app, > > > > > > > then my web app is renaming the > > > > > > > HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION header to Authorization > > and > > > > > > > POSTing both to the URL in HTTP_X_AUTH_SERVICE_PROVIDER. > > > > > > > > This returns the 401 error. > > > > > > > > On Jun 17, 2:44 pm, Taylor Singletary < > > taylorsinglet...@twitter.com> > > > > > > > wrote: > > > > > > > > Hi Tim, > > > > > > > > > I'm not familiar with the Drupal OAuth module, but can help you > > a > > > > > little > > > > > > > > bit. > > > > > > > > > Hopefully that module is a bit flexible in the different > > approaches > > > > > you > > > > > > > can > > > > > > > > use to perform OAuth with it. Essentially, you need to build a > > "mock > > > > > > > > request" that you won't actually execute against an endpoint at > > > > > Twitter > > > > > > > > using your credentials. The canon for OAuth Echo right now is > > to > > > > > build a > > > > > > > GET > > > > > > > > request tohttp:// > > > > > api.twitter.com/1/account/verify_credentials.json--but > > > > > > > > essentially, you can use any resource you want (and the OAuth > > Echo > > > > > proxy > > > > > > > > provider could do something with the response in conjunction > > with > > > > > your > > > > > > > > request -- TwitPic, yFrog, etc. are only just one possibility > > of the > > > > > > > things > > > > > > > > you can do with OAuth Echo. > > > > > > > > > I edited up a good example in simple PHP of using OAuth Echo > > against > > > > > > > TwitPic > > > > > > > > the other day:http://pastie.org/pastes/1005387 > > > > > > > > > Taylor > > > > > > > > > On Thu, Jun 17, 2010 at 1:40 AM, Tim Millwood < > > > > > t...@millwoodonline.co.uk > > > > > > > >wrote: > > > > > > > > > > I'm trying to get oAuth Echo working withhttp://drippic.com > > > > > > > > > > My API url ishttp://drippic.com/drippic2/uploadifyouwanttogive > > > > > > > > > it a try. > > > > > > > > > > Here is my code. > > > > > > > > > $sp = $_SERVER['HTTP_X_AUTH_SERVICE_PROVIDER']; > > > > > > > > > $auth_cred = > > $_SERVER['HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION']; > > > > > > > > > $response = drupal_http_request($sp, > > > > > > > > > array('HTTP_X_AUTH_SERVICE_PROVIDER'=>$sp,'Authorization'=> > > > > > > > > > $auth_cred),'POST'); > > > watchdog('drippic','</pre>'.print_r($response,true).'</pre>'); > > > > > > > > > print(json_encode($response)); > > > > > > > > > > I'm not sure what I need to send it, I copied Twitpic's > > example and > > > > > > > > > used this in terminal > > > > > > > > > curl -v -H 'X-Auth-Service-Provider: > > > > > > > > >https://api.twitter.com/1/account/verify_credentials.json' > > > > > > > > > -H 'X-Verify-Credentials-Authorization: OAuth realm="http:// > > > > > > > > > api.twitter.com/", > > oauth_consumer_key="GDdmIQH6jhtmLUypg82g", > > > > > > > > > oauth_signature_method="HMAC-SHA1", oauth_token="819797- > > > > > > > > > Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw", > > > > > > > > > oauth_timestamp="1272325550", > > > > > > > > > oauth_nonce="oElnnMTQIZvqvlfXM56aBLAf5noGD0AQR3Fmi7Q6Y", > > > > > > > > > oauth_version="1.0", > > > > > oauth_signature="U1obTfE7Rs9J1kafTGwufLJdspo%3D"' > > > > > > > > >http://drippic.com/drippic2/upload > > > > > > > > > > It returns 401, guess it's because the details are wrong, and > > not > > > > > sure > > > > > > > > > what I should use. > > > > > > > > > > Can anyone help? > > > > > > > > > > (don't really know enough about oAuth, oAuth on the site is > > all > > > > > > > > > managed by the Drupal oAuth module)
