douzuizhuo0587
2015-01-31 17:05
采纳率: 0%
浏览 43
已采纳

ssl on apache2 debian safe没有公开认可的CA用于cURL设置

I have two servers, A and B. They both run on the same code base and run on debian with apache2.

I need to securely & periodically check a REST response from serverA with serverB.

I have built a simple cURL script to connect to serverA from serverB with basic auth:

<?php
$url = 'http://mydomain/restpath/get';
$ch = curl_init($url);
$username = 'username';
$password = 'password';
// Timeout in seconds
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
// Include header in result? (0 = yes, 1 = no)
curl_setopt($ch, CURLOPT_HEADER, 0 );
// Should cURL return or print out the data? (true = return, false = print)
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
//set the basic auth to any then set the creds
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
$status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);   //get status code
// Download the given URL, and return output
$output = curl_exec($ch);
// Close the cURL resource, and free system resources
curl_close($ch);

The credentials here will be passed in plaintext.. to secure I intend to use a HTTPS connection.

## My knowledge on https certs is beginner ##

is it safe to just use the defualt certs declared in the example ssl vhost conf supplied with apache:

SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

Or is there a little more that I would need to do?

Thanks, John

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

相关推荐 更多相似问题