HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK [英] HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK

查看:44
本文介绍了HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我使用 XAMPP 进行开发.最近我将 xampp 的安装从旧版本升级到 1.7.3.

I am using XAMPP for development. Recently I upgraded my installation of xampp from an old version to 1.7.3.

现在,当我卷曲启用 HTTPS 的网站时,出现以下异常

Now when I curl HTTPS enabled sites I get the following exception

致命错误:带有消息的未捕获异常RequestCore_Exception"'cURL 资源:资源编号#55;cURL 错误:SSL 证书问题,验证 CA 证书是否正常.细节:错误:14090086:SSL 例程:SSL3_GET_SERVER_CERTIFICATE:证书验证失败(60)'

Fatal error: Uncaught exception 'RequestCore_Exception' with message 'cURL resource: Resource id #55; cURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (60)'

每个人都建议使用 PHP 代码中的一些特定 curl 选项来解决此问题.我认为这不应该是方式.因为我的旧版本XAMPP没有任何问题,只有在安装新版本后才发生.

Everyone suggest using some specific curl options from PHP code to fix this problem. I think this shouldn't be the way. Because I didn't have any problem with my old version of XAMPP and happened only after installing the new version.

我需要帮助弄清楚我的 PHP 安装中的哪些设置更改、Apache 等可以解决此问题.

I need help to figure out what settings change in my PHP installation, Apache etc can fix this problem.

推荐答案

curl 用于包含已接受的证书颁发机构 (CA) 列表,但自 7.18.1 及以后不再捆绑任何 CA 证书.因此,默认情况下它会拒绝所有 TLS/SSL 证书,因为它无法验证.

curl used to include a list of accepted certificate authorities (CAs) but no longer bundles ANY CA certs since 7.18.1 and onwards. So by default it'll reject all TLS/SSL certificates as unverifiable.

您必须获得 CA 的根证书并指向它.在 curl 的有关 TLS/SSL 证书验证的详细信息中了解更多详情.

You'll have to get your CA's root certificate and point curl at it. More details at curl's details on TLS/SSL certificates verification.

这篇关于HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆