PHP cURL不使用HTTPS [英] PHP cURL Not Working with HTTPS
问题描述
我在我的开发服务器上遇到问题,其中cURL与任何HTTP协同工作时,无法与任何HTTPS正常工作,即使是完全相同的资源与不同的协议(用于测试我一直在请求google.com使用http和https)。
返回的cURL错误是35:SSL / TLS握手中的某处出现问题。
我已经梳理了web和SO的解决方案,并且所有他们都设置CURLOPT_SSL_VERIFYPEER为false,它什么也没有更改,或下载证书文件和设置CURLOPT_CAINFO到其路径,这也改变没有。
设置证书时,我按照本教程和本教程,尝试同时下载我请求的资源的证书,并下载证书包。
我使用了很多旧的代码,在我最后的生产服务器,所以这段代码以前工作过。但是托管是共享托管,我不知道大多数配置。
Curl没有内置的,在根证书(像大多数现代浏览器做)。您需要明确指向一个cacert.pem文件:
curl_setopt($ ch,CURLOPT_CAINFO,'/ path / to / cert / file / cacert.pem');
没有这个,curl无法验证通过ssl发回的证书。
您可以在这里获取cacert.pem文件:http://curl.haxx.se/docs/caextract.html
I've been having problems on my development server where cURL, while working perfectly with anything HTTP, does not function properly with anything HTTPS—even the exact same resource with different protocols (for testing I've been requesting google.com using both http and https).
The cURL error returned is 35: "A problem occurred somewhere in the SSL/TLS handshake."
I have combed the web and SO for solutions, and all of them have been to either set CURLOPT_SSL_VERIFYPEER to false, which changes nothing, or to download the certificate file and set CURLOPT_CAINFO to its path, which also changes nothing.
When setting a certificate, I followed the instructions of this tutorial and this tutorial, trying to both download the certificate for the resource I'm requesting, and downloading a cert bundle.
I've also tried explicitly setting CURLOP_PORT to 443. For thoroughness of my question, other options I set are CURLOPT_VERBOSE=true, CURLOPT_RETURNTRANSFER=true, and CURLOPT_SSL_VERIFYHOST=2 (I've tried every combination of 1, and 2 with VERIFYPEER both true and false). I also have made sure in phpinfo() that I have OpenSSL and it is enabled.
I'm using a lot of old code that worked perfectly on my last production server, so this code has worked before. But that hosting was shared hosting and I don't know most of the configuration there.
Curl doesn't have built-in root certificates (like most modern browser do). You need to explicitly point it to a cacert.pem file:
curl_setopt($ch, CURLOPT_CAINFO, '/path/to/cert/file/cacert.pem');
Without this, curl cannot verify the certificate sent back via ssl. This same root certificate file can be used every time you use SSL in curl.
You can get the cacert.pem file here: http://curl.haxx.se/docs/caextract.html
这篇关于PHP cURL不使用HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
