Can't connect to HTTPS site using cURL. Return

2019-01-02 14:52发布

站内问答 / PHP
1001 12 6

I have a site that connects using cURL (latest version) to a secure gateway for payment.

The problem is cURL always returns 0 length content. I get headers only. And only when I set cURL to return headers. I have the following flags in place.

curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_URL, $gatewayURI);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_POST, 1);

The header returned is

HTTP/1.1 100 Continue

HTTP/1.1 200 OK
Date: Tue, 25 Nov 2008 01:08:34 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 0
Content-Type: text/html
Set-Cookie: ASPSESSIONIDxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; path=/
Cache-control: private

I have also tried cURL'ing different sites and they return content fine. I think the problem might have something to do with the https connection.

I have spoken with the company and they are unhelpful.

Has anyone else experienced this error and know a work around? Should I ditch cURL and try and use fsockopen() ?

Thank you. :)

标签: php curl https
举报
12条回答
只若初见
2楼-- · 2019-01-02 15:43

I used file_get_contents using stream_create_context and it works fine:

$postdataStr = http_build_query($postdataArr);

$context_options = array (
        'http' => array (    <blink> // this will allways be http!!!</blink>
            'method' => 'POST',
            'header'=> "Content-type: application/x-www-form-urlencoded\r\n"
                . "Content-Length: " . strlen($postdataArr) . "\r\n"
                . "Cookie: " . $cookies."\r\n"
            'content' => $postdataStr
            )
        );

$context = stream_context_create($context_options);
$HTTPSReq = file_get_contents('https://www.example.com/', false, $context);
查看更多
0人赞 添加讨论(0) 举报
春风洒进眼中
3楼-- · 2019-01-02 15:48

there might be a problem at your web hosting company from where you are testing the secure communication for gateway, that they might not allow you to do that.

also there might be a username, password that must be provided before connecting to remote host.

or your IP might need to be in the list of approved IP for the remote server for communication to initiate.

查看更多
0人赞 添加讨论(0) 举报
倾城一夜雪
4楼-- · 2019-01-02 15:50

Note: This is strictly not production use. If you want to quickly debug, this may be useful. Otherwise, please use @SchizoDuckie's answer above. 

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);     
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

Just add them. It works.

查看更多
0人赞 添加讨论(0) 举报
萌妹纸的霸气范
5楼-- · 2019-01-02 15:51

I had a situation where this helped: (PHP 5.4.16 on Windows)

curl_setopt($ch, CURLOPT_SSLVERSION, 3);
查看更多
0人赞 添加讨论(0) 举报
旧人旧事旧时光
6楼-- · 2019-01-02 15:53

I had the same problem today. Curl comes with an outdated file to authenticate HTTPS certificates from.

get the new one from:

http://curl.haxx.se/ca/cacert.pem

save it into some dir on your site

and add 

curl_setopt ($curl_ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");

To every request :-)

IGNORE any dumbass comments about disabling CURLOPT_VERIFYPEER and CURLOPT_VERIFYHOST!! That leaves your code vulnerable to man in the middle attacks!

December 2016 edit:

Solve this properly by using Jasen's method mentioned below.

add curl.cainfo=/etc/ssl/certs/ca-certificates.crt to you php.ini

October 2017 edit:

There is now a composer package that helps you manage the ca certificates, so that you're not vulnerable if your cacert.pem becomes outdated due to revoking certificates.

https://github.com/paragonie/certainty -> composer require paragonie/certainty:dev-master

查看更多
0人赞 添加讨论(0) 举报
还给你的自由
7楼-- · 2019-01-02 15:53

Sometimes you have to upgrade your Curl certificates to latest version not to have errors with https.

查看更多
0人赞 添加讨论(0) 举报
上一页 1 2
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)