On Wed, 27 Aug 2003, Scott Nichol wrote:

> With this config, I always get the "SSL certificate problem, verify that the
> CA cert is OK" error when accessing a URL with the https scheme. The PHP
> distribution did not include the CA cert bundle, so I grabbed ca-bundle.crt
> from CVS and tried putting it in the directory with php.exe and
> php_curl.dll. I also tried renaming it to curl-ca-bundle.net in each of
> those locations. In all cases, I still received the same error.

The reason for this "error" is described here:
http://curl.haxx.se/docs/sslcerts.html

> By using the CURLOPT_CAINFO option, I was able to get SSL connections to
> work. However, that is not the long-term solution I want to use. What is
> the "proper" configuration for cURL with PHP, e.g., is there a preferred
> place for the DLLs, a better php.ini configuration, and a place where the
> bundle belongs?

When libcurl is compiled, it is set to use a specific path to check for a CA
cert bundle.

On Windows, people who build libcurl tend to not set the define that controls
the default path (CURL_CA_BUNDLE) and then those libraries have none!

CURLOPT_CAPATH can be used by programs to override the default built-in path.

The command line tool 'curl' also recognizes the environment variable named
"CURL_CA_BUNDLE" and will use that path if set, but pure libcurl add-ons (such
as the PHP/CURL module) will not benefit from that functionality.

-- 
 Daniel Stenberg -- curl: been grokking URLs since 1998
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf