PHP- curl无法获取本地发行者证书

Question

I'm getting the classic php curl error "unable to get local issuer certificate". 我收到经典的php curl错误“无法获取本地发行者证书”。 Here are some more information from the curl debug: 这里是来自curl调试的更多信息：

Trying 133.7.42.21... 尝试133.7.42.21 ...

TCP_NODELAY set TCP_NODELAY设置

Connected to example.adress.com (133.7.42.21) port 443 (#0) 已连接至example.adress.com（133.7.42.21）端口443（＃0）

ALPN, offering http/1.1 ALPN，提供http / 1.1

Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH 密码选择：ALL：！EXPORT：！EXPORT40：！EXPORT56：！aNULL：！LOW：！RC4：@STRENGTH

successfully set certificate verify locations: 成功设置证书验证位置：

CAfile: C:\\some_absolute_path\\cacert.pem CA文件：C：\\ some_absolute_path \\ cacert.pem

CApath: none CApath：无

SSL certificate problem: unable to get local issuer certificate SSL证书问题：无法获取本地颁发者证书
Curl_http_done: called premature == 1\\n* Closing connection 0\\n Curl_http_done：称为过早== 1 \\ n *关闭连接0 \\ n

As you can see the i tried to used the "cacert.pem" file from Mozilla. 如您所见，我尝试使用Mozilla中的“ cacert.pem”文件。 I tried all of them but none of them worked. 我尝试了所有这些，但没有一个起作用。

The PHP Code: PHP代码：

        $curl = curl_init($location);
        //set verifier from interface host
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);

        //set host global certificate
        curl_setopt($curl, CURLOPT_CAINFO, $globla_cert);

        //set certificate
        curl_setopt($curl, CURLOPT_SSLCERT, $ssl_cert);
        //set private key
        curl_setopt($curl, CURLOPT_SSLKEY, $ssl_cert_key);
        //set private key password
        curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $ssl_cert_password);

        //set curl debug output
        curl_setopt($curl, CURLOPT_VERBOSE, true);
        $verbose = fopen('php://temp', 'w+');
        curl_setopt($curl, CURLOPT_STDERR, $verbose);
        //curl_setopt($curl, CURLINFO_HEADER_OUT, true);
        //set ssl version
        curl_setopt($curl, CURLOPT_SSLVERSION, 6);


        curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
        curl_setopt($curl, CURLOPT_POST, TRUE);
        curl_setopt($curl, CURLOPT_POSTFIELDS, $request);
        curl_setopt($curl, CURLOPT_HEADER, FALSE);
        curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
        curl_setopt($curl, CURLOPT_TIMEOUT, $timeout);
        curl_setopt($curl, CURLOPT_CONNECTTIMEOUT_MS, $connecttimeout);
        $response = curl_exec($curl);

It will work without the Global cert when i disable CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST but this is a NOGO 当我禁用CURLOPT_SSL_VERIFYPEER和CURLOPT_SSL_VERIFYHOST时，它将在没有全局证书的情况下工作，但这是一个NOGO

I'm currently using XAMPP with PHP Version 7.0.15. 我目前正在将XAMPP与PHP版本7.0.15结合使用。 The Apache has the mod_ssl enabled. Apache已启用mod_ssl。 PHP has the openssl and the curl extension enabled. PHP已启用openssl和curl扩展。

Things that i tried: 我尝试过的事情：

Set the path inside the php.ini: 在php.ini中设置路径：
openssl.cainfo= "C:\\some_absolute_path\\cacert.pem" openssl.cafile= "C:\\some_absolute_path\\cacert.pem"
Throw the cert in the default path that i got with var_dump(openssl_get_cert_locations()); 将证书var_dump(openssl_get_cert_locations());我使用var_dump(openssl_get_cert_locations());获得的默认路径中var_dump(openssl_get_cert_locations()); That was "C:\\openssl-1.0.2j-win32\\ssl" for me. 对我来说就是“ C：\\ openssl-1.0.2j-win32 \\ ssl”。
Throw the cert in "C:\\xampp\\php" 将证书扔到“ C：\\ xampp \\ php”中

Now i don't find anymore "fixes" that i can try, has someone an idea what it could be? 现在我找不到可以尝试的“修补程序”了，有人知道它可能是什么吗？

Answer 1

The problem is resolved. 问题已解决。

It wasn't a technical problem. 这不是技术问题。 The certificate that i received for the Service wasn't valid anymore and the new certificate isn't in the "cacert.pem" from Mozilla like the old one. 我收到的针对该服务的证书不再有效，并且新证书也不再像旧证书一样位于Mozilla的“ cacert.pem”中。

PHP- curl无法获取本地发行者证书

问题描述

1 个解决方案

解决方案1
0 已采纳 2017-10-10 09:45:35

PHP- curl无法获取本地发行者证书

问题描述

1 个解决方案

解决方案1 0 已采纳 2017-10-10 09:45:35

解决方案1
0 已采纳 2017-10-10 09:45:35