Created
March 20, 2013 18:03
-
-
Save gboudreau/5206966 to your computer and use it in GitHub Desktop.
Correctly handle errors with valid SSL certificates in cURL/PHP.
Use this if you have problems connecting to https websites using PHP cURL extension. If the certificate is not signed by a CA listed in cURL's cacert.pem, you can use this technique to verify the certificate: http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-https-ssl…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// [...] | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE); // for security this should always be set to true. | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // for security this should always be set to 2. | |
// Update cacert.pem (valid CA certificates list) from the cURL website once a month | |
$curl_cainfo = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'cacert.pem'; | |
$last_month = time()-30*24*60*60; | |
if (!file_exists($curl_cainfo) || filemtime($curl_cainfo) < $last_month) { | |
file_put_contents($curl_cainfo, file_get_contents('http://curl.haxx.se/ca/cacert.pem')); | |
} | |
if (file_exists($curl_cainfo)) { | |
curl_setopt($ch, CURLOPT_CAINFO, $curl_cainfo); | |
} | |
// [...] | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment