curl-users
SSL certificate problem, verify that the CA cert is OK.
Date: Wed, 30 Jan 2008 00:09:47 +0100
Hi There
I tried to use curl to connetc to a HTTPS paget. But I am getting the error
result "SSL certificate problem, verify that the CA cert is OK." . I am sure
that it something has to do with the passed curl options and my passed ssl
certificate configuration/bundle.
I read the "standard" help files from curl and googlet around but I found no
hint how I should start to solve this problem.I also noticed that lot of
curl users still have or the "same" problem, but no concrete steps how to
solve the issue in detail. So please If someone could help on this would be
more than great!
Already read:
http://curl.haxx.se/docs/sslcerts.html
http://curl.haxx.se/docs/caextract.html
http://www.tonyspencer.com/2003/10/22/curl-with-php-and-apache-on-windows/
my php script which using curl:
require_once('Net/Curl.php');
$curl = & new Net_Curl($argv[1]);
$result = $curl->create();
if (!PEAR::isError($result)) {
// Set other options here with Net_Curl::setOption()
$curl->setOption(CURLOPT_SSL_VERIFYHOST, 0);
$curl->setOption(CURLOPT_SSL_VERIFYPEER,false);
$curl->setOption(CURLOPT_VERBOSE,1);
$curl->setOption(CURLOPT_CAINFO,"C:/Programme/xampp/php/cert/cacert.pem");
$result = $curl->execute();
if (!PEAR::isError($result)) {
echo $result."\n";
} else {
echo $result->getMessage()."\n";
}
$curl->close();
} else {
echo $result->getMessage()."\n";
}
execution & output:
C:\Programme\xampp\php>php
C:\Programme\xampp\php\pear\docs\Net_Curl\examples\fetchPage.php
https://desperado:8009/shop/admin
* About to connect() to desperado port 8009
* Trying 10.0.0.4... * connected
* Connected to desperado (10.0.0.4) port 8009
* successfully set certificate verify locations:
* CAfile: C:/Programme/xampp/php/cert/cacert.pem
CApath: none
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
* Closing connection #0
SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
My configuration:
- windows xp
- xamp Version 1.5.5
- PHP 5.2.0
- OpenSSL 0.9.8d
I downloaded just the file "http://curl.haxx.se/ca/cacert.pem" and put it on
the location above.
Starting Questions:
- Do I need other CURL_OPTXXXX parameters?
- Do I need to convert the donwloaded pem file?
- Do I need to pass some configuration of OpenSSL to curl?
Many thanks in advance
regards
Mark
Received on 2008-01-30