Getting cURL to work in PHP with HTTPS

Question

I have the following code which works in test regions which do not use SSL, but not on the production system, which does. The call itself works in a browser, but when running it via cURL, I get a 500 error.

$region = "https://api.mysite.com/";
$ch = curl_init();
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . "/cacert.pem");
curl_setopt($ch, CURLOPT_FAILONERROR, true);
curl_setopt($ch, CURLOPT_URL, $region . $api);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
$resp = curl_exec($ch);
$error = curl_error($ch);
curl_close($ch); 

return $resp; 

If I don't put in CURL_OPT_FAILONERROR, then I don't get any error, just a blank response. I'm pretty sure this has to do with the fact that this is via https (as that is the only difference between my test region and my current region), but I can't figure out how to get this to work.

Answer 1

Try to set CURLOPT_REFERER and CURLOPT_USERAGENT. I had the same problem and this solved it.

Answer 2

To confirm the first issue is due to ssl or not, check with following

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

Does it work with that ?

Answer 3

Try something like

<?php

error_reporting(E_ALL);

ini_set("display_errors", 1);

$data = array(
    CURLOPT_CAINFO => "/Users/davidmann/Documents/facebook.pem", 
    CURLOPT_SSL_VERIFYHOST => 1,
    CURLOPT_SSL_VERIFYPEER => true
);

echo var_dump(curl_get('https://www.facebook.com/', array('Refferer' => 'https://www.facebook.com/'), $data));

/** 
 * Send a GET requst using cURL 
 * @param string $url to request 
 * @param array $get values to send 
 * @param array $options for cURL 
 * @return string 
 * @author David from Code2Design.com
 * @link http://au.php.net/manual/en/function.curl-exec.php#98628
 */ 
function curl_get($url, array $get = NULL, array $options = array()) 
{    
    $defaults = array( 
        CURLOPT_URL => $url. (strpos($url, '?') === FALSE ? '?' : ''). http_build_query($get), 
        CURLOPT_HEADER => 1, 
        CURLOPT_RETURNTRANSFER => TRUE, 
        CURLOPT_TIMEOUT => 4 
    ); 

    $ch = curl_init(); 
    curl_setopt_array($ch, ($options + $defaults)); 
    if( ! $result = curl_exec($ch)) 
    { 
        trigger_error(curl_error($ch)); 
    } 
    curl_close($ch); 
    return $result; 
} 

And then download the certificate from the website you are accessing (Open firefox, go to https://site.com, right click, view page info, security tab, certificate, select topmost cert, export as x.509 and then use update the CURLOPT_CAINFO

Hope this helps, Dave

Answer 4

From what you described, most likely the issue is with matching the certificate. Try:

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

Obviously this isn't a "solution" to your problem, but it will help you in troubleshooting.

Best of luck!