iJeep iJeep - 7 days ago 7
PHP Question

PHP Curl Not connecting to HTTPS

I've been trying to connect to HTTPS servers using PHP and Curl. I don't get any error or response.

$options = array(
CURLOPT_RETURNTRANSFER => true, // return web page
CURLOPT_HEADER => true, // return headers
CURLOPT_FOLLOWLOCATION => true, // follow redirects
CURLOPT_ENCODING => "", // handle all encodings
CURLOPT_USERAGENT => "spider", // who am i
CURLOPT_AUTOREFERER => true, // set referer on redirect
CURLOPT_CONNECTTIMEOUT => 120, // timeout on connect
CURLOPT_TIMEOUT => 120, // timeout on response
CURLOPT_MAXREDIRS => 10, // stop after 10 redirects
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_CAINFO => 'ca.pem'
);

$ch = curl_init("https://www.google.com");
curl_setopt_array( $ch, $options );

var_dump(curl_exec($ch));
var_dump(curl_getinfo($ch));
var_dump(curl_errno($ch));
var_dump(curl_error($ch));


The Output is:

bool(false)
array(22) {
["url"]=>
string(23) "https://www.google.com/"
["content_type"]=>
NULL
["http_code"]=>
int(0)
["header_size"]=>
int(0)
["request_size"]=>
int(0)
["filetime"]=>
int(-1)
["ssl_verify_result"]=>
int(0)
["redirect_count"]=>
int(0)
["total_time"]=>
float(0.004288)
["namelookup_time"]=>
float(0.004212)
["connect_time"]=>
float(0.006157)
["pretransfer_time"]=>
float(0)
["size_upload"]=>
float(0)
["size_download"]=>
float(0)
["speed_download"]=>
float(0)
["speed_upload"]=>
float(0)
["download_content_length"]=>
float(-1)
["upload_content_length"]=>
float(-1)
["starttransfer_time"]=>
float(0)
["redirect_time"]=>
float(0)
["certinfo"]=>
array(0) {
}
["redirect_url"]=>
string(0) ""
}
int(77)
string(0) ""


If I change the url to
http://www.google.com
, the script returns the google page as expected. I can run curl from shell and get to https sites. I'm not sure what else to try since there are no errors or other output presented.

Curl version is 7.38.0
PHP version is 5.3.29

Answer

You should try checking the error messages in curl_error(). See http://www.php.net/curl_error

Furthermore Curl might have an outdated file to authenticate https certificates from. There's a new one on http://curl.haxx.se/ca/cacert.pem

And use:

curl_setopt($ch, CURLOPT_SSLVERSION, 3);

to make sure the latest SSL version is used.

These settings:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

also work.

But this means a security risk. Don't do it on 'production' servers.