PHP curl ssl - cant connect to a https site

Recently, I was writing a PHP script for grabbing data from VeriSign through their API, but I was getting '0' as response. The problem was that curl SSL version and server's SSL version was different, so I needed to set it manually. If you don't set the SSL version manually, PHP will try to determine by itself. Because of that, PHP was setting SSL version to 2.0 and the VeriSign server's SSL version was 3.0.

Check SSL version

There are two types of SSL version that can be set by curl: SSL 2.0 and SSL 3.0

curl_setopt($ch, CURLOPT_SSLVERSION, 2);
curl_setopt($ch, CURLOPT_SSLVERSION, 3);

Disable peer and host verification

If both versions are same, you can try to configure curl to accept any SSL certificate without performing verification by setting CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST to false. You should be careful not to use this method if you are sending or receiving sensitive information.

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

Loading certificate manually

Another way for solving the problem is to download and load the certificate manually.

Download certificate

Open the page in your favorite web browser. Click on locker in the left upper corner.

Open certificate

Click on more information.

View certificate

Next, click on view certificate and go to the Details tab.

Export certificate

Next, click on Export certificate.

Save certificate

Be sure to export the CA certificate and select X.509 Certificate (PEM) as file type with .crt or .pem extension

Load CAs certificate
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, "/home/certificate.crt");
- Posted by Eva to Php
tags: curl https ssl