问题
I'm going to explain a little bit about my script so you can understand my question.
Basically i did a script that checks the SOCKS5 if it is live or dead.
When i tested my script on Linux VPS and iMac it was working perfectly, however when i tested it on Windows with wampserver it did not work until i added this line to cURL :
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
Can anyone explain to me why do i need this line in Windows and i don't need it on the Linux server?
回答1:
This cURL man page on SSL Certificates describes the process for Certificate Verification when connecting to SSL/TLS secured hosts.
The reason you are needing to set CURLOPT_SSL_VERIFYPEER to false on Windows is because the CA bundle it uses to verify the certificates is missing (or there is no default path compiled into cURL so you need to explicitly define it).
You can configure it in php.ini using the curl.cainfo directive, or specify it at runtime using:
curl_setopt($curl, CURLOPT_CAFILE, 'C:/path/to/ca-bundle.crt');
If you don't have a copy, grab a recent one here.
While disabling peer verification is a workaround, this can be unsafe because you're disabling the very check that ensures you are securely communicating with the site you think you are.
Anyone can generate a self signed certificate to impersonate a domain, but browsers or clients (like cURL) will fail if the certificate can't be verified unless you ignore or bypass this check (i.e. CURLOPT_SSL_VERIFYPEER = false).
回答2:
Drew010's answer is correct. I'd just add that there problem you're experiencing isn't so much a Windows v Linux issue as much as it is that the two environments differ. You could encounter the same difference between two Linux environments (where I encountered this exact issue), with the roles reversed (works in Windows but not in Linux), etc.
来源:https://stackoverflow.com/questions/33795717/why-we-need-curlopt-ssl-verifypeer-in-windows