file_get_contents():SSL操作失败，代码为1(证书验证失败) [英] file_get_contents(): SSL operation failed with code 1 (certificate verify failed)

问题描述

我已经安装了WAMP 3.0.4，并且正在尝试编写一个连接到外部HTTPS Web服务的PHP脚本.但这会返回错误:

I have installed WAMP 3.0.4 and am trying to write a PHP script that connects to an external HTTPS web service. But this returns the error:

警告:file_get_contents():SSL操作失败，代码为1.OpenSSL错误消息:error:14090086:SSL例程:SSL3_GET_SERVER_CERTIFICATE:证书验证失败

Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

我写了一个简短的脚本来演示这个问题:

I have written a short script that demonstrates the issue:

<?php
$auth = base64_encode('username:password');

$aContext = array(
    'http' => array(
        'proxy' => 'tcp://proxyip:proxyport',
        'request_fulluri' => true,
        'header' => 'Proxy-Authorization: Basic $auth'
    ),
    'SSL' => array(
        'verify_peer' => false,
        'verify_peer_name' => false,
        'allow_self_signed' => true,
        'cafile' => 'C:/wamp/certificates/cacert.pem'
    )
);
$cxContext = stream_context_create($aContext);

$sFile = file_get_contents("https://www.google.com", False, $cxContext);

echo $sFile;
?>

使用代理服务器是必需的.

It is a requirement to use a proxy server.

可以看出，我尝试安装根证书捆绑包，还尝试将verify_peer添加为false(不是在生产环境中这样做)，但仍然收到此错误.

As can be seen, I have tried installing a root certificates bundle and also adding verify_peer to false (not that I would do that in production) but still I receive this error.

从上面可以清楚地看到，我是Apache/WAMP的新手.有人可以解释我所缺少的吗?

As can be clearly seen from the above, I am something of an Apache / WAMP novice. Can someone perhaps explain what I am missing?

推荐答案

如果您要禁用验证SSL连接，可以使用:

If you want to disable the verification of the SSL connection you can use:

'verify_peer' => false

在您的代码中:

<?php
$auth = base64_encode('username:password');

$aContext = array(
    'http' => array(
        'proxy' => 'tcp://proxyip:proxyport',
        'request_fulluri' => true,
        'header' => "Proxy-Authorization: Basic $auth"
    ),
    'ssl' => array(
        'verify_peer' => false,
    ),
);
$cxContext = stream_context_create($aContext);

$sFile = file_get_contents("https://www.google.com", False, $cxContext);

echo $sFile;
?>

但是请注意，这意味着没有人可以保证您获取的数据是真实的(因为未验证ssl证书).

However note that this means that no-one is guarantee you that the data you get is authentic (since the ssl certificate is NOT verified).

如果要验证证书，则应按问题中的说明使用根证书，但是，您说您使用的是WAMP，因此cafile的路径应类似于:

If you want to verify the certificate, you should use the root certificates as in your question, however, you said you work with WAMP so the path to your cafile should be something like:

"cafile" => "c:/wamp/certificates/cacert.pem",

更重要-您在问题中没有提及proxy.是您需要的东西，还是在某个地方找到并试图使用的东西?

More important - you said nothing regarding the proxy in your question. Is it something that you need or is it something you found somewhere and just trying to use?

如果您不需要代理，请从请求中删除.

If you don't need the proxy just remove if from your request.

这篇关于file_get_contents():SSL操作失败，代码为1(证书验证失败)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！