stackoom
  简体   繁体   中英

PHP curl post request to server using cloudflare (Full SSL) has SSL error and Blank SESSION Cookie

 原文  2015-04-07 07:12:25       php/ session/ ssl/ curl/ cloudflare

Question

Hi I'm doing a website right now. Both of these files is in one server and domain and I'm using cloudflare to boost the loading. I'm using Full SSL option on cloudflare because I bought my own SSL Geotrust on my server. I already upgraded my curl on the server to 7.41.0.

One php file consist of the function

Function File: 

<?php
function get_content($session){
    $endpoint = "https://sample.ph/php/resource.php";
    // Use one of the parameter configurations listed at the top of the post
    $params = array(
        "yel" => $session
    );

    $curl = curl_init();
    curl_setopt($curl,CURLOPT_URL,$endpoint);
    $strCookie = 'PHPSESSID='.$_COOKIE['PHPSESSID'];
    curl_setopt($curl, CURLOPT_COOKIE, $strCookie);
    curl_setopt($curl, CURLOPT_POST, 1); 
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); 
    curl_setopt($curl, CURLOPT_VERBOSE, true); 
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true); 
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2); 
    $postData = "";

    //This is needed to properly form post the credentials object
    foreach($params as $k => $v)
    {
       $postData .= $k . '='.urlencode($v).'&';
    }
    $postData = rtrim($postData, '&');

    curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
    curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 60); 
    curl_setopt($curl, CURLOPT_HEADER, 0); // Don’t return the header, just the html
    curl_setopt($curl, CURLOPT_CAINFO,"/home/sample/public_html/php/cacert.pem"); // Set the location of the CA-bundle

    session_write_close();
    $response = curl_exec($curl);

    if ($response === FALSE) {
    return "cURL Error: " . curl_error($curl);
    }
    else{
    // evaluate for success response
    return $response;   
    }
    curl_close($curl);
}
?>

Resource File 

<?php
session_start();

if(isset($_POST['yel'])){

$drcyt_key = dcrypt("{$_POST['yel']}");

  if($drcyt_key == $_SESSION['token']){
   echo "Success";

  }
}
?>

How do you think will I fix this?

  1. The SSL Verification error. Upon debugging sometimes I got cURL Error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

  2. Sometimes I got cURL Error: SSL peer certificate or SSH remote key was not OK

  3. When I put curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true); to FALSE, which is not a good idea; There comes a second problem for the SESSION COOKIE becoming blank on first load.

I HOPE YOU CAN HELP ME. THANK YOU.

1 answers

solution1
 0  2016-04-08 17:21:00

This issue looks to be an outdated certificate bundle or outdated OpenSSL version on the server. You should both ensure you have the latest root certificates on your computer and also ensure that you have the latest versions of OpenSSL (including the PHP OpenSSL module).

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SSL error with PHP curl cURL, php and SSL error Using Curl on a server with SSL curl using SSL on PHP Error using PHP cURL with SSL certificates PHP Curl Error when using SSL Sent post request using CURL to SSL certified domain SSL error with cloudflare php cUrl POST with SSL certificate end with an error 500 php curl ssl error no 35
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM