Fatal编程技术网
  • php/
  • Php CURLOPT_SSL_VERIFYPEER选项出现证书错误

Php CURLOPT_SSL_VERIFYPEER选项出现证书错误

php apache curl

Php CURLOPT_SSL_VERIFYPEER选项出现证书错误,php,apache,curl,Php,Apache,Curl,嗨,我有以下代码和相应的日志。请让我知道是否有人可以解决证书问题 /////////////////////////////////////////////php curl code////////////////////////////////////////// curl_setopt_array($handle, array( CURLOPT_SSL_VERIFYPEER => true, CURLOPT_SSL_VERIFYHOST => 2,

嗨,我有以下代码和相应的日志。请让我知道是否有人可以解决证书问题

/////////////////////////////////////////////php curl code//////////////////////////////////////////
    curl_setopt_array($handle, array(
    CURLOPT_SSL_VERIFYPEER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
    CURLOPT_VERBOSE => true,
    CURLOPT_HEADER => true,
    CURLOPT_CAINFO => 'C:\wamp\www\server.pem',
    CURLOPT_HTTPHEADER => $headers,
    CURLOPT_POSTFIELDS => $credentials,
    CURLOPT_SSLCERT => 'C:\wamp\bin\apache\Apache2.4.4\conf\ssl.cert\server.crt',
    CURLOPT_SSLKEY => 'C:\wamp\bin\apache\Apache2.4.4\conf\ssl.key\server.key',
    CURLOPT_SSLCERTPASSWD => "mypassphrase",
    CURLOPT_HTTPAUTH => CURLOPT_HTTPAUTH ,
    CURLOPT_RETURNTRANSFER => false,
    CURLOPT_POST => true,);

$response=curl_exec($handle);
    if (false ===$response ) {
    echo "Error while loading page: ". curl_error($handle). "\n";
    }
    else
    {
        echo "success while loading page: ".curl_error($handle)."\n";
        echo $response;
    }
    $status_code=curl_getinfo($handle, CURLINFO_HTTP_CODE);
//     echo "status code --> $status_code" . "\n";
    $header_size = curl_getinfo($handle, CURLINFO_HEADER_SIZE);
            echo "header_size-->$header_size ","\n";
    $header = substr($response, 0, $header_size);
            echo "header --->$header ","\n";
    $body = substr($response, $header_size);
            echo "body---: $body ","\n";
    curl_close($handle);
/////////////////////////////////////////////////////////////////////////////////////////////////

* Adding handle: conn: 0x21a1f58
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x21a1f58) send_pipe: 1, recv_pipe: 0
* About to connect() to my.site.com port 8443 (#0)
*   Trying my.site.com...
* Connected to my.site.com port 8443 (#0)
* successfully set certificate verify locations:
*   CAfile: C:\wamp\www\server.pem
  CApath: none
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
*    subject: CN=my.site.com
*    start date: 2013-07-09 07:57:53 GMT
*    expire date: 2013-07-09 07:57:53 GMT
*    common name: my.site.com (matched)
*    issuer: CN=my.site.com
*    SSL certificate verify ok.
> POST /v2/dip/auth/login HTTP/1.1

Host: my.site.com:8443

Accept: */*

contentType:application/json

MY-API-Key:@#@$@#$SDsdfsdfdsw1212312323123

Content-Length: -1

Content-Type: application/x-www-form-urlencoded

Expect: 100-continue



< HTTP/1.1 400 Bad Request

* Server Apache-Coyote/1.1 is not blacklisted
< Server: Apache-Coyote/1.1

< Transfer-Encoding: chunked

< Date: Tue, 24 Dec 2013 09:37:32 GMT

< Connection: close

< 

* Closing connection 0
[Mon Dec 23 14:38:08.561536 2013] [mpm_winnt:notice] [pid 328:tid 560] AH00430: Parent: Child process 8080 exited successfully.
[Mon Dec 23 14:38:11.019782 2013] [mpm_winnt:notice] [pid 9308:tid 560] AH00455: Apache/2.4.4 (Win32) OpenSSL/1.0.1e PHP/5.4.16 configured -- resuming normal operations
////////////////////////////////////////////////////////////////////////////////////////////

//////////////////////////////////////access.log//////////////////////////////////////
127.0.0.1 - - [23/Dec/2013:14:39:41 +0530] "GET /curltest.php HTTP/1.1" 200 359

///////////////////////////////////////sslerror.log/////////////////////////////////////
[Mon Dec 23 14:38:11.627843 2013] [ssl:warn] [pid 9972:tid 456] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Dec 23 14:38:11.627843 2013] [ssl:warn] [pid 9972:tid 456] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
[Mon Dec 23 14:38:11.739854 2013] [ssl:warn] [pid 9972:tid 456] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Dec 23 14:38:11.739854 2013] [ssl:warn] [pid 9972:tid 456] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
///////////////Apache\u错误\u日志///////////////////////

* Adding handle: conn: 0x21a1f58
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x21a1f58) send_pipe: 1, recv_pipe: 0
* About to connect() to my.site.com port 8443 (#0)
*   Trying my.site.com...
* Connected to my.site.com port 8443 (#0)
* successfully set certificate verify locations:
*   CAfile: C:\wamp\www\server.pem
  CApath: none
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
*    subject: CN=my.site.com
*    start date: 2013-07-09 07:57:53 GMT
*    expire date: 2013-07-09 07:57:53 GMT
*    common name: my.site.com (matched)
*    issuer: CN=my.site.com
*    SSL certificate verify ok.
> POST /v2/dip/auth/login HTTP/1.1

Host: my.site.com:8443

Accept: */*

contentType:application/json

MY-API-Key:@#@$@#$SDsdfsdfdsw1212312323123

Content-Length: -1

Content-Type: application/x-www-form-urlencoded

Expect: 100-continue



< HTTP/1.1 400 Bad Request

* Server Apache-Coyote/1.1 is not blacklisted
< Server: Apache-Coyote/1.1

< Transfer-Encoding: chunked

< Date: Tue, 24 Dec 2013 09:37:32 GMT

< Connection: close

< 

* Closing connection 0
[Mon Dec 23 14:38:08.561536 2013] [mpm_winnt:notice] [pid 328:tid 560] AH00430: Parent: Child process 8080 exited successfully.
[Mon Dec 23 14:38:11.019782 2013] [mpm_winnt:notice] [pid 9308:tid 560] AH00455: Apache/2.4.4 (Win32) OpenSSL/1.0.1e PHP/5.4.16 configured -- resuming normal operations
////////////////////////////////////////////////////////////////////////////////////////////

//////////////////////////////////////access.log//////////////////////////////////////
127.0.0.1 - - [23/Dec/2013:14:39:41 +0530] "GET /curltest.php HTTP/1.1" 200 359

///////////////////////////////////////sslerror.log/////////////////////////////////////
[Mon Dec 23 14:38:11.627843 2013] [ssl:warn] [pid 9972:tid 456] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Dec 23 14:38:11.627843 2013] [ssl:warn] [pid 9972:tid 456] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
[Mon Dec 23 14:38:11.739854 2013] [ssl:warn] [pid 9972:tid 456] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Dec 23 14:38:11.739854 2013] [ssl:warn] [pid 9972:tid 456] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name

*添加句柄:conn:0x21a1f58
*正在添加句柄:发送:0
*正在添加句柄:recv:0
*卷曲度加把手尺寸线:长度:1
*-Conn 0(0x21a1f58)发送管道:1,接收管道:0
*即将连接()到my.site.com端口8443(#0)
*正在尝试my.site.com。。。
*已连接到my.site.com端口8443(#0)
*已成功设置证书验证位置:
*CAfile:C:\wamp\www\server.pem
卡帕斯:没有
*使用DHE-RSA-AES256-SHA的SSL连接
*服务器证书:
*主题:CN=my.site.com
*开始日期:2013-07-09 07:57:53 GMT
*过期日期:2013-07-09 07:57:53 GMT
*通用名称:my.site.com(匹配)
*发行人:CN=my.site.com
*SSL证书验证正常。
>POST/v2/dip/auth/login HTTP/1.1
主持人:my.site.com:8443
接受:*/*
contentType:application/json
我的API密钥:@#@$@#$SDFSDFDSW12123123
内容长度:-1
内容类型:application/x-www-form-urlencoded
预期:100人继续
如果我将CURLOPT_SSL_VERIFYPEER设置为true,那么它会给我SSL证书问题:自签名证书

如果我将其设置为false,则会给出“HTTP/1.1400错误请求服务器:Apache Coyote/1.1传输编码:分块日期:周二,2013年12月24日09:56:33 GMT连接:关闭”

任何想法都会有帮助

1:如果您使用的是自签名证书,这就是当
CURLOPT\u SSL\u VERIFYPEER
设置为true时出现错误的原因

CURLOPT\u SSL\u VERIFYPEER
将检查所传递的证书是否是有效的签名证书

2:当您将此设置为false时遇到的问题可能与标题中设置的选项有关

您将什么值传递到
$headers

我正在设置两个值$headers=array('contentType:application/json','My-API-Key:@$@$$sdfsdfdsw12123123');这是访问RestFul接口或API所必需的…如果我将CURLOPT_HEADER=>false设置为false,那么我不会得到任何错误,但是我无法看到响应缓冲区。以下是回应。“加载页面时成功:页眉大小-->139页眉-->正文--”我已更新了curl脚本。请让我知道它是否正确。