Curl error "Invalid certificate chain" when running vendor/bin/bunq-install

[georgeboot]

When running the initialisation, I am getting an exception.

Choose an environment (SANDBOX/PRODUCTION): PRODUCTION
Please provide your api key: API_KEY_HERE
An unexpected error occurred: cURL error 60: SSL certificate problem: Invalid certificate chain (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)

Am I missing something?

PHP version:

PHP 7.1.5 (cli) (built: May 13 2017 13:30:32) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.1.0, Copyright (c) 1998-2017 Zend Technologies

Curl version:

curl 7.54.0 (x86_64-apple-darwin16.0) libcurl/7.54.0 SecureTransport zlib/1.2.8
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets

[dnl-blkv]

@georgeboot Thanks for posting! We'll shortly look into it and fix it.

[OGKevin]

Hey @georgeboot while we are looking into this as a quick fix you can comment out this line and it should work:

sdk_php/lib/Http/ApiClient.php

Line 163 in 93ab9b4

CURLOPT_PINNEDPUBLICKEY => $this->determinePinnedServerPublicKey(),

Let me know if this works 👍

[georgeboot]

That unfortunately does not solve the issue!

sdk_php/lib/Context/ApiContext.php

Line 22 in e5c53d3

const BASE_URL_PRODUCTION = 'https://public.api.bunq.com/v1/';

serves a certificate for sandbox.search.api.bunq.com. When I changed that part to api.bunq.com I get one step further. By the way, I tried the same script with ApiClient in original form: that gives me the same issue as mentioned in #7.

The next issue I'm hitting is found at

sdk_php/lib/Context/SessionContext.php

Line 60 in e5c53d3

$expiryTime = microtime(true) + $sessionServer->getUserCompany()->getSessionTimeout();

. This implementation only works for business accounts; I am currently testing on a personal account. As a result, it produces an error: Call to a member function getSessionTimeout() on null

[dnl-blkv]

@georgeboot thanks for pointing out the SessionContext bug, UserCompany is indeed still there. Will include into the upcoming patch :)

[OGKevin]

Ah thats a nice spot @georgeboot, I'll create an separate issue for this as of it is not part of the main issue you have here 👍

[OGKevin]

Hey @georgeboot,

public.api.bunq.com is not our API url, this is a mistake on our end and will be fixed 👍 . The correct url is api.bunq.com indeed. Take a look here #11

[OGKevin]

Fix applied in 2d37046.

Closing the issue, feel free to reopen if it is still not working 👍