php SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

回覆文章
yehlu
Site Admin
文章: 3245
註冊時間: 2004-04-15 17:20:21
來自: CodeCharge Support Engineer

php SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

文章 yehlu »

http://stackoverflow.com/questions/3647 ... ify-failed

1. Updated cert.pem file

php -r 'print_r(openssl_get_cert_locations());'

and result was.

Array
(
[default_cert_file] => /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
[default_cert_file_env] => SSL_CERT_FILE
[default_cert_dir] => /Applications/XAMPP/xamppfiles/share/openssl/certs
[default_cert_dir_env] => SSL_CERT_DIR
[default_private_dir] => /Applications/XAMPP/xamppfiles/share/openssl/private
[default_default_cert_area] => /Applications/XAMPP/xamppfiles/share/openssl
[ini_cafile] => /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
[ini_capath] =>
)
Saved this file cacert.pem in /Applications/XAMPP/xamppfiles/share/openssl/cert.pem

Updated php.ini with following

openssl.cafile = /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
curl.cainfo = /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
Restarted Apache but no succes. Tried to read pem file (no error returned)

echo file_get_contents("/Applications/XAMPP/xamppfiles/share/openssl/cert.pem");
Test Case

It works fine on github.com getcomposer.org paypal.com but not on google.com (google.com works as well on my windows system)

php -r '$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://tlstest.paypal.com/"); var_dump(curl_exec($ch)); var_dump(curl_error($ch));'
Result: PayPal_Connection_OKbool(true)

But on google.com

php -r '$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://www.google.com/"); var_dump(curl_exec($ch)); var_dump(curl_error($ch));'
Result: string(63) "SSL certificate problem: unable to get local issuer certificate"

P.S: Disabling peer verification won't be acceptable.

php.ini

代碼: 選擇全部

openssl.cafile="/usr/lib/ssl/cert.pem"
curl.cainfo="/usr/lib/ssl/cert.pem"
回覆文章

回到「PHP」