Joseph Wilk

Joseph Wilk

Things with code, creativity and computation.

Curl and Certificates With Windows PHP

Curl on a Windows PHP installation does not know where to look for certificates. Hence when you try and curl a https url it fails. The default value for CURLOPT_SSL_VERIFYPEER is true which means curl will always try and validate ssl by default. I discovered this while working with an OpenID library (v1.2.3):

There is the option of disabling the verfication.

$ch=curl_init; // set URL and other appropriate options curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);

But thats ignoring the problem and opening a security hole! Instead download a reputable Certificate bundle file, for example:

Then set CURLOPT_CAINFO with the location of your certificate bundle.

if( strtoupper (substr(PHP_OS, 0,3)) == 'WIN' ) { curl_setopt($c, CURLOPT_CAINFO, 'C:/certificates/cacert.pem'); }