From http://php.net/manual/en/function.include.php:
If "URL include wrappers" are enabled in PHP, you can specify the file to be included using a URL.
So you can include a file like this:
<?php
include 'https://localhost:1234/index.php';
?>
This works fine if you have a valid SSL certificate but if you're using a self signed certificate the peer certificate verification fails:
Warning: include(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in [...]
This wasn't a problem in older versions but PHP 5.6 enables peer verification by default (http://php.net/manual/en/migration56.openssl.php).
Apparently you can set a default stream context using stream_context_set_default() where you can disable peer verification. So my code would look like this:
<?php
stream_context_set_default(
array(
"ssl"=>array(
"verify_peer"=>false,
"verify_peer_name"=>false,
)
)
);
include 'https://localhost:1234/index.php';
?>
But this doesn't work. The Include() function still attempts to verify the peer and fails. If I use file_get_contents(), fopen(), copy(), readfile(), or file() instead of include(), it works fine.
Now I'm not sure if this is a bug in PHP or if I'm missing something here. Same issue exists with require().
Any ideas?
