已忽略PHP CURL CURLOPT_SSL_VERIFYPEER [英] PHP CURL CURLOPT_SSL_VERIFYPEER ignored
问题描述
由于某些原因,我无法使用CURL与HTTPS。一切工作正常,直到我运行升级curl库。现在我在尝试执行CURL请求时遇到此响应: SSL CA证书(路径?访问权限?)有问题
发布在相关问题我试图做以下:
-
禁用主机和对等体的验证
curl_setopt($ cHandler,CURLOPT_SSL_VERIFYHOST,false);
curl_setopt($ cHandler,CURLOPT_SSL_VERIFYPEER,true);
-
启用
CURLOPT_SSL_VERIFYPEER
从 http://curl.haxx.se/docs/caextract.htmlcurl_setopt($ cHandler,CURLOPT_SSL_VERIFYPEER,true);
curl_setopt($ cHandler,CURLOPT_CAINFO,getcwd()。/positiveSSL.ca-bundle);
-
我也尝试过使用positiveSSL.ca-bundle
-
使用
编辑php ini设置curl.cainfo = cacert.pem
- 重命名
/ etc / pki / nssdb
到
/etc/pki/nssdb.old
$ b b
Unfortunatelly以上都不能解决我的问题,我不断得到SSL CA证书(路径?访问权限?)消息。
我不需要这个验证(我知道安全问题)。
有人有任何其他建议吗?
UPDATE
更新到最新的库并重新启动整个框,而不仅仅是我正在做的apache
根据文档:要验证主机或对等证书,您需要指定
还可以查看CURLOPT_SSL_VERIFYHOST:1来检查SSL中是否存在公共名称。CURLOPT_CAINFO选项或证书目录的备用证书可以使用CURLOPT_CAPATH选项指定。对等证书。 2检查是否存在通用名称,并验证其是否与提供的主机名匹配。
curl_setopt($ ch,CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ ch,CURLOPT_SSL_VERIFYPEER,0);
For some reason I am unable to use CURL with HTTPS. Everything was working fine untill I ran upgrade of curl libraries. Now I am experiencing this response when trying to perform CURL requests: Problem with the SSL CA cert (path? access rights?)
Following suggestions posted here on related issues I have tried to do the following:
Disable verification for host and peer
curl_setopt($cHandler, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($cHandler, CURLOPT_SSL_VERIFYPEER, true);
Enable
CURLOPT_SSL_VERIFYPEER
and point to cacert.pem downloaded from http://curl.haxx.se/docs/caextract.htmlcurl_setopt($cHandler, CURLOPT_SSL_VERIFYPEER, true); curl_setopt($cHandler, CURLOPT_CAINFO, getcwd() . "/positiveSSL.ca-bundle");
I also tried to do the same thing with positiveSSL.ca-bundle which was provided as bundle CA certificate for the server I am trying to connect to.
Edit php ini settings with
curl.cainfo=cacert.pem
(file in the same directory and accessible by apache)Rename
/etc/pki/nssdb
to/etc/pki/nssdb.old
Unfortunatelly none of the above are able to solve my problem and I constantly get Problem with the SSL CA cert (path? access rights?) message.
And I don't need this verification in the first place (I am aware of security issues).
Does anybody have any other suggestions?
UPDATE
After updating to the latest libraries and restart of the whole box, not just apache which I was doing it all seems to be working now again!!!
According to documentation: to verify host or peer certificate you need to specify alternate certificates with the CURLOPT_CAINFO option or a certificate directory can be specified with the CURLOPT_CAPATH option.
Also look at CURLOPT_SSL_VERIFYHOST: 1 to check the existence of a common name in the SSL peer certificate. 2 to check the existence of a common name and also verify that it matches the hostname provided.
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
这篇关于已忽略PHP CURL CURLOPT_SSL_VERIFYPEER的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!