我的服务器是nginx + php-fpm
下面的代码会导致错误
file_get_contents('https://github.com');
或
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://github.com");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
$output = curl_exec($ch); //crash here
curl_close($ch);
网页显示502错误
nginx日志是
[错误] 2656#0:* 541 recv()失败(104:通过对等方重置连接)从上游读取响应头
fpm log
Jul 03 00:37:37.619903 [NOTICE] fpm_got_signal(),第48行:收到SIGCHLD
Jul 03 00:37:37.619926 [警告] fpm_children_bury(),第215行:从启动后417.576755秒退出信号11 SIGSEGV(核心转储)的子3567(默认池)
Jul 03 00:37:37.620807 [NOTICE] fpm_children_make(),第352行:子4193(默认池)已启动
如果请求网址以http://开头,则一切正常。
php configure命令是
'./configure' '--prefix=/www/nginx_php-5.2.17' '--with-config-file-path=/www/nginx_php-5.2.17/etc' '--with-mysql=/www/mysql' '--with-iconv=/usr' '--with-freetype-dir' '--with-jpeg-dir' '--with-png-dir' '--with-zlib' '--with-libxml-dir=/usr' '--enable-xml' '--disable-rpath' '--enable-discard-path' '--enable-inline-optimization' '--with-curl' '--enable-mbregex' '--enable-mbstring' '--with-mcrypt=/usr' '--with-gd' '--enable-gd-native-ttf' '--with-openssl' '--with-mhash' '--enable-ftp' '--enable-sockets' '--enable-zip' '--enable-fastcgi' '--enable-fpm' '--with-fpm-conf=/www/etc/php-fpm.conf'
答案 0 :(得分:1)
尝试添加以下两项:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
他们将阻止验证SSL证书。这可能是问题,因为验证可能会失败。除非必须验证来源,否则在使用cURL
下载数据时,请务必添加以下两行。
PS :不确定这会对您有所帮助。
答案 1 :(得分:0)
我最近不得不处理一个类似的问题。在没有深入了解细节的情况下,问题是旧 PHP 版本(从源代码构建)与包管理器中的新 cURL 和 OpenSSL 库的组合由于版本不兼容而导致冲突。
我最终解决问题的基本步骤是从发行版包管理器安装 cURL 和 OpenSSL。使用它们下载兼容 cURL 和 OpenSSL 版本的源包。卸载卷曲。从源代码构建 OpenSSL,然后构建 cURL,配置为使用我刚刚构建的 OpenSSL。从那里,我能够使用新构建的 cURL 和 OpenSSL 库构建 PHP。
这是我最终得到的安装脚本的片段:
# [curl should have been installed from package manager before this]
# Note: This script is based on Ubuntu 18. Paths may differ for different distributions.
cd /usr/local/src
# Download OpenSSL and cURL sources first, using the pre-installed version of cURL.
curl -SL --progress-bar https://www.openssl.org/source/old/1.0.2/openssl-1.0.2n.tar.gz -o openssl-1.0.2n.tar.gz
curl -SL https://curl.se/download/curl-7.65.0.tar.xz -o curl-7.65.0.tar.xz
# Remove the pre-installed cURL, we'll rebuild it from the source bundle,
# using the shared libraries from the OpenSSL version we will build now.
apt-get remove -y --purge curl
# Extract and build OpenSSL from source package, making sure to enable the `shared` option
# so that `libssl.so` and `libcrypto.so` shared libraries are built, too.
tar xvf openssl-1.0.2n.tar.gz
cd openssl-1.0.2n
./config shared # add the `-d` flag to include debug symbols
make -j 10
make install_sw
# Add a new config file for the dynamic linker, so that it knows to look for the new shared libraries we're building.
# The first line is for where the new cURL libs will be, and the latter is where new OpenSSL libs will be.
echo -e "/usr/local/lib \n/usr/local/ssl/lib" > /etc/ld.so.conf.d/local.conf
# Reload the linker cache
ldconfig
cd /usr/local/src
# Extract and build cURL from source package, making sure to tell it to use the OpenSSL version we just built.
tar -xvf curl-7.65.0.tar.xz
cd curl-7.65.0
./configure --with-ssl=/usr/local/ssl # add the `--enable-debug` flag to include debug symbols
make -j 10
make install
# Reload the linker cache
ldconfig
cd /usr/local/src
# Reload utility (bin) locations; find the newly built `curl` binary.
hash -r
curl -SL --progress-bar http://www.php.net/distributions/php-5.5.38.tar.bz2 -o php-5.5.38.tar.bz2
tar -xvf php-5.5.38.tar.bz2
cd php-5.5.38
# Make sure the `--with-openssl` flag includes a path to the SSL libs created after building it from source.
# `--with-curl`, by default, will look in `/usr/local/lib` and `/usr/local/include`; When built from source,
# the generated libraries WILL be placed here, so you shouldn't need to specify the path, unless you put them elsewhere
# or your distro uses different paths
./configure \
--with-openssl=/usr/local/ssl \
--with-curl \
# Any other config flags here
# Other flags were omitted for this example
make -j 10
make install
注意:我是为测试和开发环境编写的。即使忽略它使用的是 PHP 5.5,这也可能不适合生产环境。