{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 弹指情弦暗扣 的问题《HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate》','https://www.manongdao.com/q-5063.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am using XAMPP for development. Recently I upgraded my installation of xampp from an old version to 1.7.3.
Now when I curl HTTPS enabled sites I get the following exception
Fatal error: Uncaught exception 'RequestCore_Exception' with message 'cURL resource: Resource id #55; cURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (60)'
Everyone suggest using some specific curl options from PHP code to fix this problem. I think this shouldn't be the way. Because I didn't have any problem with my old version of XAMPP and happened only after installing the new version.
I need help to figure out what settings change in my PHP installation, Apache etc can fix this problem.
Warning: this can introduce security issues that SSL is designed to protect against, rendering your entire codebase insecure. It goes against every recommended practice.
But a really simple fix that worked for me was to call:
before calling:
in the php file.
I believe that this disables all verification of SSL certificates.
When setting the curl options for CURLOPT_CAINFO please remember to use single quotes, using double quotes will only cause another error. So your option should look like:
Additionally, in your php.ini file setting should be written as:(notice my double quotes)
I put it directly below the line that says this:
extension=php_curl.dll(For organizing purposes only, you could put it anywhere within your
php.ini, i just put it close to another curl reference so when I search using keyword curl I caan find both curl references in one area.)For the love of all that is holy...
In my case, I had to set the
openssl.cafilePHP config variable to the PEM file path.I trust it is very true that there are many systems where setting
curl.cainfoin PHP's config is exactly what is needed, but in the environment I'm working with, which is the eboraas/laravel docker container, which uses Debian 8 (jessie) and PHP 5.6, setting that variable did not do the trick.I noticed that the output of
php -idid not mention anything about that particular config setting, but it did have a few lines aboutopenssl. There is both anopenssl.capathandopenssl.cafileoption, but just setting the second one allowed curl via PHP to finally be okay with HTTPS URLs.Sometimes if the application you try to contact has self signed certificates, the normal cacert.pem from http://curl.haxx.se/ca/cacert.pem does not solve the problem.
If you are sure about the service endpoint url, hit it through browser, save the certificate manually in "X 509 certificate with chain (PEM)" format. Point this certificate file with the
The solution is very simple! Put this line before
curl_exec:For me it works.
I have the same error on amazon AMI linux.
I Solved by setting curl.cainfo on /etc/php.d/curl.ini
https://gist.github.com/reinaldomendes/97fb2ce8a606ec813c4b
Addition October 2018
On Amazon Linux v1 edit this file
To add this line