Https 狂饮
我想使用Guzzle和Silex向https页面发送请求 对于http url,我有一个响应:Https 狂饮,https,silex,guzzle,Https,Silex,Guzzle,我想使用Guzzle和Silex向https页面发送请求 对于http url,我有一个响应: app->get('/',function() use ($app, $client){ $response = $client->get("http://www.google.fr"); var_dump($response); }); 我的答复是: object(GuzzleHttp\Message\Response)[102] private 'r
app->get('/',function() use ($app, $client){
$response = $client->get("http://www.google.fr");
var_dump($response);
});
我的答复是:
object(GuzzleHttp\Message\Response)[102]
private 'reasonPhrase' => string 'OK' (length=2)
private 'statusCode' => int 200
private 'effectiveUrl' => string 'http://www.google.fr' (length=20)
private 'headers' (GuzzleHttp\Message\AbstractMessage) =>
array (size=13)
'date' =>
array (size=1)
0 => string 'Wed, 18 Feb 2015 10:57:37 GMT' (length=29)
'expires' =>
但是使用https:
$app->get('/',function() use ($app, $client){
$url = "https://api.zoapp.com/v1/stc/cans/directory/pub/Employees";
$response = $client->get("https://www.facebook.com/");
var_dump($response);
});
我必须纠正错误:
RequestException in RequestException.php line 51:
及
详细信息:我找到了一个解决方案,但不知道它为什么有效:
$client->setDefaultOption('verify', false);
$response = $client->get("https://www.facebook.com");
在链接到详细信息后,异常消息显示: 卷曲错误60:请参阅 我抬头一看,发现 冰壶(60) 对等证书无法使用已知CA证书进行身份验证 因此,这很可能是SSL验证/CA捆绑包的问题。通过将请求选项设置为
false
,guzzle(resp.curl)将不会尝试根据证书验证主机,因此错误将消失(--回复)
但是,您不想这样做;)相反,您应该尝试通过提供有效的CA包来解决此问题
IIRC在v4 guzzle中提供了一个默认证书(请参阅),但在版本5中删除了该证书,现在尝试发现默认的系统CA捆绑包。从中,检查这些位置:
Check if openssl.cafile is set in your php.ini file.
Check if curl.cainfo is set in your php.ini file.
Check if /etc/pki/tls/certs/ca-bundle.crt exists (Red Hat, CentOS, Fedora; provided by the ca-certificates package)
Check if /etc/ssl/certs/ca-certificates.crt exists (Ubuntu, Debian; provided by the ca-certificates package)
Check if /usr/local/share/certs/ca-root-nss.crt exists (FreeBSD; provided by the ca_root_nss package)
Check if /usr/local/etc/openssl/cert.pem (OS X; provided by homebrew)
Check if C:\windows\system32\curl-ca-bundle.crt exists (Windows)
Check if C:\windows\curl-ca-bundle.crt exists (Windows)
但是,我发现在创建新的客户端时,显式设置证书更容易。这意味着:
- 下载或更好(因为更新)(请参阅)
- 在
客户端
实例化中使用此证书的本地路径
示例(假设名为cacert.pem
的证书与脚本位于同一目录中):
在验证选项中指定证书的PEM文件<代码>$client=new\GuzzleHttp\client(['verify'=>'/full/path/to/cert.pem'])代码>是,您是正确的:查看此类中的注释:GuzzleHttp\Message\MessageFactoryInterface
Check if openssl.cafile is set in your php.ini file.
Check if curl.cainfo is set in your php.ini file.
Check if /etc/pki/tls/certs/ca-bundle.crt exists (Red Hat, CentOS, Fedora; provided by the ca-certificates package)
Check if /etc/ssl/certs/ca-certificates.crt exists (Ubuntu, Debian; provided by the ca-certificates package)
Check if /usr/local/share/certs/ca-root-nss.crt exists (FreeBSD; provided by the ca_root_nss package)
Check if /usr/local/etc/openssl/cert.pem (OS X; provided by homebrew)
Check if C:\windows\system32\curl-ca-bundle.crt exists (Windows)
Check if C:\windows\curl-ca-bundle.crt exists (Windows)
$default = ["verify" => __DIR__ . "/cacert.pem"];
$config = ["defaults" => $default];
$client = new Client($config);
$response = $client->get("https://www.facebook.com");