API申请地址:https://api.mch.weixin.qq.com/v3/ecommerce/applyments/
/**
*获取证书
**/
public function getzhengshu(){
$url="https://api.mch.weixin.qq.com/v3/certificates";//获取地址
$timestamp = time();//时间戳
$nonce = $this->nonce_str();//获取一个随机字符串
$body = "";
$mch_private_key = $this->getPrivateKey($this->keyPath); //调用获取商户私钥方法传证书文件路径进去
$merchant_id = $this->mc_id; //服务商商户号
$serial_no = $this->serial_no; //服务商证书序列号
$sign=$this->sign($url,'GET',$timestamp,$nonce,$body,$mch_private_key,$merchant_id,$serial_no);
$header=[
'Authorization:WECHATPAY2-SHA256-RSA2048 '.$sign,
'Accept:application/json',
'User-Agent:'.$merchant_id
];
$result = $this->curl($url,'',$header,'GET');
$result = json_decode($result,true);
$serial_no = $result['data'][0]['serial_no'];//获取的平台证书序列号
$encrypt_certificate = $result['data'][0]['encrypt_certificate'];
$sign_key = $this->APIKeyV3; //APIv3密钥,商户平台API安全中获取
$result = $this->decryptToString($encrypt_certificate['associated_data'],$encrypt_certificate['nonce'],$encrypt_certificate['ciphertext'],$sign_key);
if(!is_file(EASYSWOOLE_ROOT.'/cert/partner/temp_cert.pem')) {
file_put_contents(EASYSWOOLE_ROOT.'/cert/partner/temp_cert.pem',$result);
}
return $serial_no;//返回平台证书序列号
}
//申请进件
public function add($param){
$url = 'https://api.mch.weixin.qq.com/v3/ecommerce/applyments/';
$merchant_id = $this->mc_id;//服务商商户号
$serial_no = $this->serial_no;//服务商证书序列号
$mch_private_key = $this->getPrivateKey($this->keyPath);//服务商API证书路径
$timestamp = time();
$nonce = $this->nonce_str();
$sign = $this->sign($url,'POST',$timestamp,$nonce,json_encode($param),$mch_private_key,$merchant_id,$serial_no);//进行签名操作
//设置header
$header = [
//设置发送的头信息
'Authorization:WECHATPAY2-SHA256-RSA2048 ' . $sign,//签名
'Accept:application/json',
'User-Agent:' . $merchant_id,//服务商的商户号
'Content-Type:application/json',
'Wechatpay-Serial:' . $this->getzhengshu() //获取平台证书的序列号
];
$result = $this->curl($url,json_encode($param),$header);
$result = json_decode($result, true);
return $result;
}
/**
*解密方法
*/
public function decryptToString($associatedData,$nonceStr,$ciphertext,$aesKey){
$ciphertext= base64_decode($ciphertext);
if(function_exists('sodium_crypto_aead_aes256gcm_is_available')&& sodium_crypto_aead_aes256gcm_is_available()){
return sodium_crypto_aead_aes256gcm_decrypt($ciphertext,$associatedData,$nonceStr,$aesKey);
}
if(PHP_VERSION_ID >= 70100 && in_array('aes-256-gcm', openssl_get_cipher_methods())){
$ctext=substr($ciphertext,0,-16);
$authTag=substr($ciphertext,-16);
return openssl_decrypt(
$ctext,
'aes-256-gcm',
$aesKey,
\OPENSSL_RAW_DATA,
$nonceStr,
$authTag,
$associatedData
);
}
throw new \RuntimeException('php7.1');
}
/**
*加密字符串
* @param $str 要加密的字符串
* @return string
* @throws \Exception
*/
public function getEncryptS($str) {
$public_key_path = EASYSWOOLE_ROOT.'/cert/partner/temp_cert.pem';
$public_key = file_get_contents($public_key_path);
$encrypted = '';
if (openssl_public_encrypt($str, $encrypted, $public_key, OPENSSL_PKCS1_OAEP_PADDING)){
$sign = base64_encode($encrypted);
}else{
throw new \Exception('encrypt failed');
}
return $sign;
}
//最终返回结果
Array
(
[code] => PARAM_ERROR
[message] => 证书类型格式错误,请重新选择
)
//所以是哪个证书问题?已确认服务商API证书没有问题
收藏
分享
扫描小程序码分享
回答
置顶电商收付通二级商户进件api申请,提示证书类型格式错误精选热门
·H·2023-09-202850浏览
相关问题
检查一下你加载的API证书