PHP/Curl SSL Certificate Error with Payeezy

As I work toward syncing our as400 to our payment gateway, I’ve encountered an error both in PayTrace and Payeezy sample codes, generally when making a JSON post with Curl in PHP.

The error:

ssl certificate problem: self signed certificate in certificate chain

Almost ALL documentation / research on this suggests you turn off Curl verification (CURLOPT_SSL_VERIFYPEER off)  and yes, it works, but it’s just not an option when I’m trying to secure my server for payment transactions.…

PayTrace Client Side Encryption (PHP / IIS)

This is a quick for-developers-only guide of how to get your PHP/JS code (Windows) talking to PayTrace’s API.  I chose the Client Side Encryption as being our first time out, I wanted the least amount of strictness in PCI compliance.   This guide assumes you know PHP, JS, JQuery, a little of what an API does, enough to paste some JSON together and of course your HTML, CSS, etc.   You’re a developer, you have all the code provided open source, but this is a quick A-B-C of what code I used and how I got it working on Windows (IIS7) and hurdles I ran into.

All code here is readily available on GitHub, but if you’d like my version of it, download it on my Gist.…

Connecting to and Calling An AS400 Program with i5_toolkit

I’m starting to document some of the ways I’ve begun to use Aura’s EasyCom i5 Connect package to connect PHP to our as400. This has been a long process of trying to webify some of our programs and get the information out.  (btw, we’re a small business and yearly the package is about $600 – very, very reasonable.)

Currently, we have a webserver (Windows Server) that hosts our website. On it, we installed the required Aura software (a Windows exe GUI and a PHP extension) to connect to our as400. The PHP pages then utilize that PHP extension to make calls to our as400. On our as400 side, our programmer created small programs to access the larger programs we need. So, I pass say 3 parameters via PHP, make a call via Ericom i5, and then the RPG does the brainwork. It passes back my requested parameters and sets up a datafile I can query using basic ODBC and mySQL. We may change this in the future, but we like the logic work taking place in RPG on the as400 (where all our data resides anyway) and PHP being the fetcher of such data.

So, first up,  here’s how I …