发表新帖
发表新帖

Curl request is failing on the SSL?

后端 未结
关注
7 1931
走了就别回头了
走了就别回头了 2020-12-14 18:09

I have this code

    if(ereg(\"^(https)\",$url))
        curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,false);
    // execute, and log the result to curl_put.log
相关标签:
7条回答
  • 说谎
    2020-12-14 18:56

    I think you mean to use CURLOPT_SSL_VERIFYHOST, not CURLOPT_SSL_VERIFYPEER

    0 讨论(0)
  • 北恋
    2020-12-14 18:57

    With SSL, make sure that you have openssl extension turned on from php.ini.

    0 讨论(0)
  • 陌清茗
    2020-12-14 18:58

    add this:

    curl_setopt( $curl, CURLOPT_SSL_VERIFYHOST, 0);

    I had the same error and worked fine for me.

    0 讨论(0)
  • 日久生厌
    2020-12-14 19:00

    It means the destination server require an SSL communication.

    You should generate an SSL certificate for your sending server from wich you run the CURL request

    Let's Encrypt is the first free and open CA

    Everything is described here sslforfree.com

    0 讨论(0)
  • 渐次进展
    2020-12-14 19:04

    I had the same error printed by the function curl_error but this is not necessarily related to SSL. It is better to print the precise error number with the function curl_errno and you can diagnose better from there. In my case it returned me a 52 error code and I could debug from there, in fact the other server was not sending any data.

    0 讨论(0)
  • 难免孤独
    2020-12-14 19:12

    I've had the same problem. It turned out, that the ssl on the target system had a bad configuration.

    After checking the php curl module, the GuzzleHttp version, the openssl version I called the link in the browser and it worked. But with curl --tlsv1 -kv https://www.example.com on the console there was still an error.

    So I checked the ssl configuration at https://www.ssllabs.com/ssltest/ It was rated with B. And there where some Online Certificate Status Protocol (OCSP) errors I haven't seen before. Finally I changed my configuration on the target system to the suggestions at https://cipherli.st/ restarted the webserver and everything worked. The new rating at ssllabs is now A+.

    My nginx configuration (Ubuntu 14.04, nginx 1.4.6-1ubuntu3.5):

    ssl     on;
ssl_certificate /etc/ssl/certs/1_www.example.com_bundle.crt;
ssl_certificate_key     /etc/ssl/private/www.example.com.key;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_cache shared:SSL:10m;
#ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify off; # Requires nginx => 1.3.7
ssl_dhparam /etc/ssl/private/dhparams.pem;
ssl_trusted_certificate /etc/ssl/startssl.ca.pem;
resolver 8.8.8.8 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; www.example.com; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
    0 讨论(0)
 看不清?
提交回复
热议问题