尝试连接到Azure API时发生SSL错误

Question

I am trying to connect to Azure API.I am kinda new to this.I am using the php code given in the samples.I am using wamp on my local server.

I have configured SSL on localhost so that I am able to open https://www.wamphelpers.dev/faces.php

However I keep getting the error below:

 Failed to enable crypto stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in <b>C:\wamp\bin\php\php5.5.12\pear\HTTP\Request2\Adapter\Socket.php

My code is below:

<?php
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
require_once 'HTTP/Request2.php';

$request = new Http_Request2('https://southeastasia.api.cognitive.microsoft.com/face/v1.0/persongroups/{personGroupId}');
$url = $request->getUrl();


$headers = array(
    // Request headers
    'Content-Type' => 'application/json',
    'Ocp-Apim-Subscription-Key' => 'keygoeshere',
);

$request->setHeader($headers);

$parameters = array(
    // Request parameters
    'personGroupId' => 'heroes',
);



$url->setQueryVariables($parameters);

$request->setMethod(HTTP_Request2::METHOD_PUT);

// Request body
$request->setBody("heroes");

try
{
    $response = $request->send();
    echo $response->getBody();
}
catch (HttpException $ex)
{
    echo $ex;
}

?>

From what I have read it is a certificate issue and I have checked my php settings and made sure it is pointing to the right file. out is below:

OPENSSL_CONF    C:\OpenSSL-Win32\bin\openssl.cfg

I read a little and it seems I can disable SSL check in PHP using the context_options by making verify peer to false.

But how do I use it to hit the URL.

Below is the link for the API reference.

Answer 1

Just point HTTP/Request2 to use a CA bundle, as instructed here .

ssl_cafile

Certificate Authority file to verify the peer with (use when ssl_verify_peer is TRUE). You can use eg cURL's CA Extract tool to get such a file.

$request = new HTTP_Request2();
$request->setConfig(array(
    'ssl_cafile' => '/path/to/cacert.pem'
));

The remote certificate can now be verified against the complete chain.