Reputation: 170489
Why does cUrl fail to download via HTTPS unless CURLOPT_SSL_VERIFYPEER is set to "false"?
In my PHP code I try to download a file from a URL starting with https://
$curlHandle = curl_init();
curl_setopt($curlHandle, CURLOPT_URL, $url);
curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($curlHandle);
curl_close($curlHandle);
$response happens to be FALSE unless I do this:
curl_setopt($curlHandle, CURLOPT_SSL_VERIFYPEER, false);
before curl_exec() call.
The URL I download from is from Window Azure Blob Storage and starts with https://myaccount.blob.core.windows.net so I assume there should be no problems with the server SSL certificate.
What's the reason for this behavior?
Upvotes: 2
Views: 542
Answers (2)
Reputation: 177
FYI, Microsoft released an SDK for PHP which would handle all these stuff for you and let your code be more about interacting with azure services instead of working with HTTP.
Upvotes: 0
Reputation: 437424
This happens because you have not configured curl with CA certificates that are considered trustworthy, so it has no way of verifying the signature on the remote server's certificate (although in all likelihood the signature is valid).
To verify the signature you should set either CURLOPT_CAINFO or CURLOPT_CAPATH appropriately.
Upvotes: 4
Related Questions
- PHP CURL CURLOPT_SSL_VERIFYPEER ignored
- cURL requires CURLOPT_SSL_VERIFYPEER=FALSE
- php curl: SSL_VERIFYPEER option doesn't have effect
- Apache CURL error SSL: CA certificate set, but certificate verification is disabled
- Can't seem to get CURLOPT_SSL_VERIFYPEER to behave in PHP
- php curl is not working over https
- SSL Connection Error even when VERIFYPEER, VERIFYHOST disabled
- CURLOPT_SSL_VERIFYPEER = false?
- CURLOPT_SSL_VERIFYPEER option gives certificate error
- CURLOPT_SSL_VERIFYPEER not working in PHP even with setting CURLOPT_CAINFO