Blog Emka

Portal linux, pemrograman sistem informasi, computer security & santri

Tutorial PHP

Ignore PHP Curl SSL Verification

Maybe one of your SSL Certificate is somehow not verify well by Curl. One of my API domain get strange error this morning.

--2016-11-30 06:34:52--  https://xxxx.api/
Resolving xxxx.api (xxxx.api)... 13.23.10.58
Connecting to xxxx.api (xxxx.api)|13.23.10.58|:443... connected.
ERROR: The certificate of `xxxx.api' is not trusted.
ERROR: The certificate of `xxxx.api' hasn't got a known issuer.

And I don’t know exactly, maybe lib-curl is broken, php-curl is broken or something else broken. But passing some parameter to CURL to ignore those buggy invalid verification is good enough to solve this silly problem.

According to documentation: to verify host or peer certificate you need to specify alternate certificates with the CURLOPT_CAINFO option or a certificate directory can be specified with the CURLOPT_CAPATH option.

Also look at CURLOPT_SSL_VERIFYHOST: 1 to check the existence of a common name in the SSL peer certificate. 2 to check the existence of a common name and also verify that it matches the hostname provided.

$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Theme by Anders Norén

%d bloggers like this: