1. Updated cert.pem file
php -r 'print_r(openssl_get_cert_locations());'
and result was.
Array
(
[default_cert_file] => /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
[default_cert_file_env] => SSL_CERT_FILE
[default_cert_dir] => /Applications/XAMPP/xamppfiles/share/openssl/certs
[default_cert_dir_env] => SSL_CERT_DIR
[default_private_dir] => /Applications/XAMPP/xamppfiles/share/openssl/private
[default_default_cert_area] => /Applications/XAMPP/xamppfiles/share/openssl
[ini_cafile] => /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
[ini_capath] =>
)
Saved this file cacert.pem in /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
Updated php.ini with following
openssl.cafile = /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
curl.cainfo = /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
Restarted Apache but no succes. Tried to read pem file (no error returned)
echo file_get_contents("/Applications/XAMPP/xamppfiles/share/openssl/cert.pem");
Test Case
It works fine on github.com getcomposer.org paypal.com but not on google.com (google.com works as well on my windows system)
php -r '$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://tlstest.paypal.com/"); var_dump(curl_exec($ch)); var_dump(curl_error($ch));'
Result: PayPal_Connection_OKbool(true)
But on google.com
php -r '$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://www.google.com/"); var_dump(curl_exec($ch)); var_dump(curl_error($ch));'
Result: string(63) "SSL certificate problem: unable to get local issuer certificate"
P.S: Disabling peer verification won't be acceptable.
php.ini
代碼: 選擇全部
openssl.cafile="/usr/lib/ssl/cert.pem"
curl.cainfo="/usr/lib/ssl/cert.pem"