2016-01-28 10:39
浏览 116

证书CA捆绑文件:PEM - PHP / cURL - 本地安装..?

I'm using Windows Server 2008 R2 (with IIS), PHP 5.6.0 and cURL 7.36.0 to test against PayPal's TLS test URL:

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, '');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FAILONERROR, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '\cacert.pem');
$result = curl_exec($ch);

When I use CURLOPT_CAINFO and cacert.pem from it works and I get:


When I don't use CURLOPT_CAINFO I get this error:

SSL certificate problem: unable to get local issuer certificate

I've tried this:

  1. mmc
  2. File > Add/remove snap-in
  3. Certificates (Local Computer)
  4. Trusted Root Certification Authorities > Certificates
  5. All tasks > Import
  6. Select cacert.pem
  7. Message: "The import was successful"

However this has made no difference, I still have to use CURLOPT_CAINFO for it to work.

Is there any way I can install all these root certificates on our Windows Server so that I don't have to use CURLOPT_CAINFO and cacert.pem with every call I make..?

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • du248227 2016-01-28 11:09

    You can leverage your php.ini to set the absolute path of where the cacert.pem is located.

    The directive is curl.cainfo

    Set it, or at least read its value and place your file at the right position.


    打赏 评论

相关推荐 更多相似问题