curl_getinfo($ ch,CURLINFO_CERTINFO)为空

时间:2019-02-21 20:57:24

标签: php ssl curl

我从IUS存储库中获得了PHP 7.2,但是默认的PHP(CentOS 7.x)上仍然存在相同的行为。

代码:

$domain = "google.com";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://' . $domain);
curl_setopt($ch, CURLOPT_CERTINFO, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_NOBODY, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_VERBOSE, 1);

curl_exec($ch);
$certInfo = curl_getinfo($ch, CURLINFO_CERTINFO);

curl_close($ch);

变量 $ certInfo 为空。我已经用https://www.howsmyssl.com/a/check测试了curl,它支持TLS 1.2。

OpenSSL 1.0.2k-fips
cURL support => enabled
cURL Information => 7.29.0
Age => 3
Features
AsynchDNS => Yes
CharConv => No
Debug => No
GSS-Negotiate => Yes
IDN => Yes
IPv6 => Yes
krb4 => No
Largefile => Yes
libz => Yes
NTLM => Yes
NTLMWB => Yes
SPNEGO => No
SSL => Yes
SSPI => No
TLS-SRP => No
Protocols => dict, file, ftp, ftps, gopher, http, https, imap, imaps, ldap, ldaps, pop3, pop3s, rtsp, scp, sftp, smtp, smtps, telnet, tftp
Host => x86_64-redhat-linux-gnu
SSL Version => NSS/3.36
ZLib Version => 1.2.7
libSSH Version => libssh2/1.4.3

怎么了?卷曲? openssl? nss?

2 个答案:

答案 0 :(得分:0)

尝试以下操作:(更新的域)

$domain = "www.google.com";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://' . $domain);
curl_setopt($ch, CURLOPT_CERTINFO, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_NOBODY, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_VERBOSE, 1);

curl_exec($ch);
$certInfo = curl_getinfo($ch, CURLINFO_CERTINFO);

curl_close($ch);

答案 1 :(得分:0)

要解决此问题,您需要将curl和libcurl更新到较新的版本,例如7.42.0。

已在7.42.0中修复-2015年4月22日

Changes:

    openssl: show the cipher selection to use in verbose text
    gtls: implement CURLOPT_CERTINFO
    add CURLOPT_SSL_FALSESTART option (darwinssl and NSS)
    curl: add --false-start option
    add CURLOPT_PATH_AS_IS
    curl: add --path-as-is option
    curl: create output file on successful download of an empty file

对于CentOS 7.x:

7.34 bugfix ->  NSS: support for CERTINFO feature
相关问题
最新问题