PHP CURL CURLOPT SSL VERIFYPEER ignored

Question

For some reason I am unable to use CURL with HTTPS  Everything was working fine untill I ran upgrade of curl libraries  Now I am experiencing this response when trying to perform CURL requests   Problem with the SSL CA cert  path  access rights    Following suggestions posted here on related issues I have tried to do the following    Disable verification for host and peer  curl setopt  cHandler  CURLOPT SSL VERIFYHOST  false   curl setopt  cHandler  CURLOPT SSL VERIFYPEER  true    Enable CURLOPT SSL VERIFYPEER and point to cacert pem downloaded from http   curl haxx se docs caextract html  curl setopt  cHandler  CURLOPT SSL VERIFYPEER  true     curl setopt  cHandler  CURLOPT CAINFO  getcwd       positiveSSL ca-bundle     I also tried to do the same thing with positiveSSL ca-bundle which was provided as bundle CA certificate for the server I am trying to connect to  Edit php ini settings with curl cainfo cacert pem  file in the same directory and accessible by apache  Rename  etc pki nssdb to  etc pki nssdb old   Unfortunatelly none of the above are able to solve my problem and I constantly get  Problem with the SSL CA cert  path  access rights   message   And I don t need this verification in the first place  I am aware of security issues    Does anybody have any other suggestions   UPDATE  After updating to the latest libraries and restart of the whole box  not just apache which I was doing it all seems to be working now again

User · Answer

According to documentation  to verify host or peer certificate you need to specify alternate certificates with the CURLOPT CAINFO option or a certificate directory can be specified with the CURLOPT CAPATH option   Also look at CURLOPT SSL VERIFYHOST    1 to check the existence of a common name in the SSL peer certificate  2 to check the existence of a common name and also verify that it matches the hostname provided      curl setopt  ch  CURLOPT SSL VERIFYHOST  0   curl setopt  ch  CURLOPT SSL VERIFYPEER  0

User · Answer

We had the same problem on a CentOS7 machine  Disabling the VERIFYHOST VERIFYPEER did not solve the problem  we did not have the cURL error anymore but the response still was invalid  Doing a wget to the same link as the cURL was doing also resulted in a certificate error   -  Our solution also was to reboot the VPS  this solved it and we were able to complete the request again   For us this seemed to be a memory corruption problem  Rebooting the VPS reloaded the libary in the memory again and now it works  So if the above solution from  clover does not work try to reboot your machine

[php] PHP CURL CURLOPT_SSL_VERIFYPEER ignored

Examples related to php

Examples related to ssl

Examples related to curl

Examples related to https