Can t connect to HTTPS site using cURL Returns 0 length content instead What can I do

Question

I have a site that connects using cURL  latest version  to a secure gateway for payment   The problem is cURL always returns 0 length content  I get headers only  And only when I set cURL to return headers  I have the following flags in place   curl setopt  ch  CURLOPT HTTPAUTH  CURLAUTH ANY   curl setopt  ch  CURLOPT SSL VERIFYPEER  false   curl setopt  ch  CURLOPT SSL VERIFYHOST  false   curl setopt  ch  CURLOPT URL   gatewayURI   curl setopt  ch  CURLOPT HEADER  1   curl setopt  ch  CURLOPT RETURNTRANSFER  1   curl setopt   ch  CURLOPT POST  1     The header returned is  HTTP 1 1 100 Continue  HTTP 1 1 200 OK Date  Tue  25 Nov 2008 01 08 34 GMT Server  Microsoft-IIS 6 0 X-Powered-By  ASP NET Content-Length  0 Content-Type  text html Set-Cookie  ASPSESSIONIDxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx  path   Cache-control  private   I have also tried cURL ing different sites and they return content fine  I think the problem might have something to do with the https connection   I have spoken with the company and they are unhelpful   Has anyone else experienced this error and know a work around  Should I ditch cURL and try and use fsockopen      Thank you

User · Answer

The best way to use https and avoid security issues is to use Firefox (or another tool) and download the certificate to your server. This webpage helped me a lot, and these were the steps that worked for me:

1) Open in Firefox the URL you're gonna use with CURL

2) On the address bar click on the padlock > more information (FF versions can have different menus, just find it). Click the View certificate button > Details tab.

3) Highlight the "right" certificate in Certificate hierarchy. In my case it was the second of three, called "cPanel, Inc. Certification Authority". I just discovered the right one by "trial and error" method.

4) Click the Export button. In my case the one who worked was the file type "PEM with chains" (again by trial and error method).

5) Then in your PHP script add:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);    
curl_setopt($ch, CURLOPT_CAINFO, [PATH_TO_CRT_FILE]);

In addition I'd say that we must pay attention on the fact that these steps will probably need to be redone once a year or whenever the URL certificate is replaced or renewed.

User · Answer

I had the same problem today  Curl comes with an outdated file to authenticate HTTPS certificates from   get the new one from   http   curl haxx se ca cacert pem  save it into some dir on your site   and add   curl setopt   curl ch  CURLOPT CAINFO  dirname   FILE      cacert pem       To every request  -   IGNORE any dumbass comments about disabling CURLOPT VERIFYPEER and CURLOPT VERIFYHOST   That leaves your code vulnerable to man in the middle attacks   December 2016 edit   Solve this properly by using Jasen s method mentioned below   add curl cainfo  etc ssl certs ca-certificates crt to you php ini  October 2017 edit   There is now a composer package that helps you manage the ca certificates  so that you re not vulnerable if your cacert pem becomes outdated due to revoking certificates   https   github com paragonie certainty -  composer require paragonie certainty dev-master

User · Answer

Whenever I m testing something with PHP Curl  I try it from the command line first  figure out what works  and then port my options to PHP

User · Answer

there might be a problem at your web hosting company from where you are testing the  secure communication for gateway  that they might not allow you to do that   also there might be a username  password that must be provided before connecting to remote host   or your IP might need to be in the list of approved IP for the remote server for communication to initiate

User · Answer

You should also try checking the error messages in curl error    You might need to do this once after each curl   function   http   www php net curl error

User · Answer

Just had a very similar problem and solved it by adding  curl setopt  ch  CURLOPT FOLLOWLOCATION  1     Apparently the site I m fetching redirects to another location and php-curl doesn t follow redirects by default

User · Answer

Note  This is strictly not production use  If you want to quickly debug  this may be useful  Otherwise  please use  SchizoDuckie s answer above    curl setopt  ch  CURLOPT SSL VERIFYPEER  FALSE        curl setopt  ch  CURLOPT SSL VERIFYHOST  2      Just add them  It works

User · Answer

I discovered this error on a recent application project  I was writing to run from the command line or the browser window  so I was using server detection to get the relative URL of the document I was asking for  The trouble was  the site is https  and each time I attempted to access http    same server   cURL helpfully changed it to https   This works fine from the browser  but from the command-line  I d then get an SSL error even with both verify s set to false  What I had to do was    1  Check   SERVER  HTTP HOST    If present  use    SERVER  HTTPS      https        http        SERVER  HTTP HOST    2  Check   SERVER  COMPUTERNAME    and if it matched the production server  provide the https URL    https    servername     3  If neither condition passed  it means I m running command-line on a different server  and use  http   localhost    Now  this worked  but it s a hack  Also  I never did figure out why on one server  https  cURL changed my URL  while on the other  also https  it left my URL alone    Weird

User · Answer

You are using POST method  but are you providing an array of data  E g   curl setopt  ch  CURLOPT POST  1   curl setopt  ch  CURLOPT POSTFIELDS   data

User · Answer

Sometimes you have to upgrade your Curl certificates to latest version not to have errors with https

User · Answer

there might be a problem at your web hosting company from where you are testing the  secure communication for gateway  that they might not allow you to do that   also there might be a username  password that must be provided before connecting to remote host   or your IP might need to be in the list of approved IP for the remote server for communication to initiate

User · Answer

I had a situation where this helped   PHP 5 4 16 on Windows   curl setopt  ch  CURLOPT SSLVERSION  3

User · Answer

Whenever I m testing something with PHP Curl  I try it from the command line first  figure out what works  and then port my options to PHP

User · Answer

I had a situation where this helped   PHP 5 4 16 on Windows   curl setopt  ch  CURLOPT SSLVERSION  3

User · Answer

You are using POST method  but are you providing an array of data  E g   curl setopt  ch  CURLOPT POST  1   curl setopt  ch  CURLOPT POSTFIELDS   data

User · Answer

I discovered this error on a recent application project  I was writing to run from the command line or the browser window  so I was using server detection to get the relative URL of the document I was asking for  The trouble was  the site is https  and each time I attempted to access http    same server   cURL helpfully changed it to https   This works fine from the browser  but from the command-line  I d then get an SSL error even with both verify s set to false  What I had to do was    1  Check   SERVER  HTTP HOST    If present  use    SERVER  HTTPS      https        http        SERVER  HTTP HOST    2  Check   SERVER  COMPUTERNAME    and if it matched the production server  provide the https URL    https    servername     3  If neither condition passed  it means I m running command-line on a different server  and use  http   localhost    Now  this worked  but it s a hack  Also  I never did figure out why on one server  https  cURL changed my URL  while on the other  also https  it left my URL alone    Weird

User · Answer

The best way to use https and avoid security issues is to use Firefox (or another tool) and download the certificate to your server. This webpage helped me a lot, and these were the steps that worked for me:

1) Open in Firefox the URL you're gonna use with CURL

2) On the address bar click on the padlock > more information (FF versions can have different menus, just find it). Click the View certificate button > Details tab.

3) Highlight the "right" certificate in Certificate hierarchy. In my case it was the second of three, called "cPanel, Inc. Certification Authority". I just discovered the right one by "trial and error" method.

4) Click the Export button. In my case the one who worked was the file type "PEM with chains" (again by trial and error method).

5) Then in your PHP script add:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);    
curl_setopt($ch, CURLOPT_CAINFO, [PATH_TO_CRT_FILE]);

In addition I'd say that we must pay attention on the fact that these steps will probably need to be redone once a year or whenever the URL certificate is replaced or renewed.

User · Answer

I had the same problem today  Curl comes with an outdated file to authenticate HTTPS certificates from   get the new one from   http   curl haxx se ca cacert pem  save it into some dir on your site   and add   curl setopt   curl ch  CURLOPT CAINFO  dirname   FILE      cacert pem       To every request  -   IGNORE any dumbass comments about disabling CURLOPT VERIFYPEER and CURLOPT VERIFYHOST   That leaves your code vulnerable to man in the middle attacks   December 2016 edit   Solve this properly by using Jasen s method mentioned below   add curl cainfo  etc ssl certs ca-certificates crt to you php ini  October 2017 edit   There is now a composer package that helps you manage the ca certificates  so that you re not vulnerable if your cacert pem becomes outdated due to revoking certificates   https   github com paragonie certainty -  composer require paragonie certainty dev-master

User · Answer

You are using POST method  but are you providing an array of data  E g   curl setopt  ch  CURLOPT POST  1   curl setopt  ch  CURLOPT POSTFIELDS   data

User · Answer

there might be a problem at your web hosting company from where you are testing the  secure communication for gateway  that they might not allow you to do that   also there might be a username  password that must be provided before connecting to remote host   or your IP might need to be in the list of approved IP for the remote server for communication to initiate

User · Answer

I had the same problem today  Curl comes with an outdated file to authenticate HTTPS certificates from   get the new one from   http   curl haxx se ca cacert pem  save it into some dir on your site   and add   curl setopt   curl ch  CURLOPT CAINFO  dirname   FILE      cacert pem       To every request  -   IGNORE any dumbass comments about disabling CURLOPT VERIFYPEER and CURLOPT VERIFYHOST   That leaves your code vulnerable to man in the middle attacks   December 2016 edit   Solve this properly by using Jasen s method mentioned below   add curl cainfo  etc ssl certs ca-certificates crt to you php ini  October 2017 edit   There is now a composer package that helps you manage the ca certificates  so that you re not vulnerable if your cacert pem becomes outdated due to revoking certificates   https   github com paragonie certainty -  composer require paragonie certainty dev-master

User · Answer

I used file get contents using stream create context and it works fine    postdataStr   http build query  postdataArr     context options   array            http    gt  array       lt blink gt     this will allways be http    lt  blink gt               method    gt   POST                header   gt   Content-type  application x-www-form-urlencoded r n                     Content-Length      strlen  postdataArr      r n                     Cookie       cookies   r n               content    gt   postdataStr                            context   stream context create  context options    HTTPSReq   file get contents  https   www example com    false   context

User · Answer

Note  This is strictly not production use  If you want to quickly debug  this may be useful  Otherwise  please use  SchizoDuckie s answer above    curl setopt  ch  CURLOPT SSL VERIFYPEER  FALSE        curl setopt  ch  CURLOPT SSL VERIFYHOST  2      Just add them  It works

User · Answer

Sometimes you have to upgrade your Curl certificates to latest version not to have errors with https

User · Answer

there might be a problem at your web hosting company from where you are testing the  secure communication for gateway  that they might not allow you to do that   also there might be a username  password that must be provided before connecting to remote host   or your IP might need to be in the list of approved IP for the remote server for communication to initiate

User · Answer

You should also try checking the error messages in curl error    You might need to do this once after each curl   function   http   www php net curl error

User · Answer

You should also try checking the error messages in curl error    You might need to do this once after each curl   function   http   www php net curl error

User · Answer

Whenever I m testing something with PHP Curl  I try it from the command line first  figure out what works  and then port my options to PHP

User · Answer

I used file get contents using stream create context and it works fine    postdataStr   http build query  postdataArr     context options   array            http    gt  array       lt blink gt     this will allways be http    lt  blink gt               method    gt   POST                header   gt   Content-type  application x-www-form-urlencoded r n                     Content-Length      strlen  postdataArr      r n                     Cookie       cookies   r n               content    gt   postdataStr                            context   stream context create  context options    HTTPSReq   file get contents  https   www example com    false   context

User · Answer

You are using POST method  but are you providing an array of data  E g   curl setopt  ch  CURLOPT POST  1   curl setopt  ch  CURLOPT POSTFIELDS   data

User · Answer

I had the same problem today  Curl comes with an outdated file to authenticate HTTPS certificates from   get the new one from   http   curl haxx se ca cacert pem  save it into some dir on your site   and add   curl setopt   curl ch  CURLOPT CAINFO  dirname   FILE      cacert pem       To every request  -   IGNORE any dumbass comments about disabling CURLOPT VERIFYPEER and CURLOPT VERIFYHOST   That leaves your code vulnerable to man in the middle attacks   December 2016 edit   Solve this properly by using Jasen s method mentioned below   add curl cainfo  etc ssl certs ca-certificates crt to you php ini  October 2017 edit   There is now a composer package that helps you manage the ca certificates  so that you re not vulnerable if your cacert pem becomes outdated due to revoking certificates   https   github com paragonie certainty -  composer require paragonie certainty dev-master

User · Answer

Whenever I m testing something with PHP Curl  I try it from the command line first  figure out what works  and then port my options to PHP

User · Answer

Just had a very similar problem and solved it by adding  curl setopt  ch  CURLOPT FOLLOWLOCATION  1     Apparently the site I m fetching redirects to another location and php-curl doesn t follow redirects by default

User · Answer

You should also try checking the error messages in curl error    You might need to do this once after each curl   function   http   www php net curl error

[php] Can't connect to HTTPS site using cURL. Returns 0 length content instead. What can I do?

Examples related to php

Examples related to curl

Examples related to https