'PHP cURL (SSL certificate problem: self signed certificate in certificate chain)
When making a php cURL request in production, I am getting the following error: Problem with SSL certificate: self-signed certificate in the certificate chain. Since in my local machine it has worked normally.
Here is the code used:
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => array(
$authorization,
"cache-control: no-cache"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
can anybody help me?
Thanks in advance.
Solution 1:[1]
It is like it says: the URL you are calling uses a self signed certificate and since self-signed certificate are unsafe, you are getting that error message.
If you are OK with this unsafe connection you can ignore the error by adding the CURLOPT_SSL_VERIFYHOST option. However, you want to consider to add a valid certificate for safety.
Solution 2:[2]
If you are using PHP CURL, the error is probably caused by not having an up-to-date bundle of CA root certificates. This is typically a text file with a bunch of cryptographic signatures that curl uses to verify a host’s SSL certificate.
You need to make sure that your installation of PHP has one of these files, and that it’s up to date (otherwise download one here: http://curl.haxx.se/docs/caextract.html).
After download, upload it to your server, or root folder, or just anywhere accessible within your host account, then set in php.ini:
curl.cainfo = <absolute_path_to> cacert.pem
If you do not have access to the php.ini, and would want to set it at runtime, use this option in CURL pipline:
curl_setopt ($ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");
(where $ch = curl_init();):
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | vrijdenker |
| Solution 2 | Nicholas Mberev |