我尝试编写一些代码来通过HTTP或HTTPS获取页面。
<?php
$ch = curl_init('https://www.google.com');
// <START OPTIONS>
// Uncomment the following line to "fix" error 60: "SSL certificate problem: unable to get local issuer certificate"
//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
// These options make no difference
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, 'C:/server/cacert.pem');
// This changes error 60 to error 58: "unable to set private key file: 'C:/server/cacert.pem' type PEM"
curl_setopt($ch, CURLOPT_SSLCERT, 'C:/server/cacert.pem');
// <END OPTIONS>
if (curl_exec($ch) === false) {
var_dump(curl_errno($ch), curl_error($ch));
}
curl_close($ch);
我已按照this answer中有关向cacert.pem添加php.ini文件的建议,但我仍然收到错误60.我相信这就是CURLOPT_CAINFO选项也可以。
如果我包含curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);它可行,但只能绕过安全检查。
php -i的cURL设置:
curl
cURL support => enabled
cURL Information => 7.42.1
Age => 3
Features
AsynchDNS => Yes
Debug => No
GSS-Negotiate => No
IDN => No
IPv6 => Yes
Largefile => Yes
NTLM => Yes
SPNEGO => Yes
SSL => Yes
SSPI => Yes
krb4 => No
libz => Yes
CharConv => No
Protocols => dict, file, ftp, ftps, gopher, http, https, imap, imaps, ldap, pop3, pop3s, rtsp, scp, sftp, smtp, smtps, telnet, tftp
Host => i386-pc-win32
SSL Version => OpenSSL/0.9.8zf
ZLib Version => 1.2.7
libSSH Version => libssh2/1.5.0
phpinfo()的cURL设置:
curl
cURL support enabled
cURL Information 7.42.1
Age 3
Features
AsynchDNS Yes
Debug No
GSS-Negotiate No
IDN No
IPv6 Yes
Largefile Yes
NTLM Yes
SPNEGO Yes
SSL Yes
SSPI Yes
krb4 No
libz Yes
CharConv No
Protocols dict, file, ftp, ftps, gopher, http, https, imap, imaps, ldap, pop3, pop3s, rtsp, scp, sftp, smtp, smtps, telnet, tftp
Host i386-pc-win32
SSL Version OpenSSL/1.0.1e
ZLib Version 1.2.7
libSSH Version libssh2/1.5.0
除SSL Version => OpenSSL/0.9.8zf(CLI)SSL Version OpenSSL/1.0.1e(CGI)
我的开发机器是Windows XP,PHP 5.4.45,但是当我开始工作时,我想将它传输到Linux服务器。
我是否需要以不同方式配置php.ini或使用不同的cURL选项?如果网站正确签名,即如果使用curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);?