HTTPS和SSL3_GET_SERVER_CERTIFICATE：证书验证失败，CA正常 [英] HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK

问题描述

我使用 XAMPP 进行开发。最近我将我的安装xampp从旧版本升级到1.7.3。

I am using XAMPP for development. Recently I upgraded my installation of xampp from an old version to 1.7.3.

现在当我启用启用HTTPS的网站时，我会收到以下异常

Now when I curl HTTPS enabled sites I get the following exception

致命错误：未捕获异常'RequestCore_Exception'带消息
'cURL resource：Resource
id＃55; cURL错误：SSL证书问题，请验证CA证书是否正确。详细信息：
错误：14090086：SSL例程：SSL3_GET_SERVER_CERTIFICATE：证书验证失败（60）'

Fatal error: Uncaught exception 'RequestCore_Exception' with message 'cURL resource: Resource id #55; cURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (60)'

curl选项从PHP代码来解决这个问题。我认为这不应该是方式。因为我没有与我的旧版本的XAMPP的任何问题，只发生在安装新版本后。

Everyone suggest using some specific curl options from PHP code to fix this problem. I think this shouldn't be the way. Because I didn't have any problem with my old version of XAMPP and happened only after installing the new version.

我需要帮助来确定我的PHP安装中有哪些设置更改，Apache等可以解决此问题。

I need help to figure out what settings change in my PHP installation, Apache etc can fix this problem.

推荐答案

curl用于包含接受的CA列表，但不再包含任何CA CA证书。因此，默认情况下，它会将所有SSL证书拒绝为不可验证的。

curl used to include a list of accepted CAs, but no longer bundles ANY CA certs. So by default it'll reject all SSL certificates as unverifiable.

您必须获得您的CA的证书并指向它。有关详情，请参阅cURLS的服务器SSL证书详情。

You'll have to get your CA's cert and point curl at it. More details at cURLS's Details on Server SSL Certificates.

这篇关于HTTPS和SSL3_GET_SERVER_CERTIFICATE：证书验证失败，CA正常的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！