curl: (60) SSL certificate problem: unable to get local issuer certificate 错误
SSL certificate problem: unable to get local issuer certificate。
的错误信息。
此问题的出现是由于没有配置信任的服务器HTTPS验证。默认,cURL被设为不信任任何CAs,就是说,它不信任任何服务器验证。
因此,这就是浏览器无法通过HTTPs访问你服务器的原因。
解决此报错有2种处理方法
1.如果你的内容不敏感,一个快捷的方法是使用curl_exec()之前跳过ssl检查项。
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
2.下载一个ca-bundle.crt ,放到对应的目录,在php.ini文件中配置下路径
https://github.com/bagder/ca-bundle/blob/e9175fec5d0c4d42de24ed6d84a06d504d5e5a09/ca-bundle.crt
在php.ini加入 ,重启web服务器
curl.cainfo="真实路径/ca-bundle.crt"
注:项目使用的是laravel框架,在window电脑下,我首先查找的是如下链接:
http://stackoverflow.com/questions/24611640/curl-60-ssl-certificate-unable-to-get-local-issuer-certificate
解决办法如下:
证书在 https://curl.haxx.se/docs/caextract.html 链接里面。
关于“SSL证书问题:无法获取本地颁发者证书”错误。很明显,这适用于发送CURL请求的系统(并且没有服务器接收请求)
1)从https://curl.haxx.se/ca/cacert.pem下载最新的cacert.pem
2)将以下行添加到php.ini(如果这是共享托管,并且您无法访问php.ini,那么可以在public_html中添加到.user.ini)
curl.cainfo=/path/to/downloaded/cacert.pem
3)默认情况下,FastCGI进程将每隔300秒解析新文件(如果需要,可以通过添加几个文件来更改频率,如https://ss88.uk/blog/fast-cgi-and-user-ini -files-the-new-htaccess /)
但是,下载的证书不可用,然后只好用
https://github.com/bagder/ca-bundle/blob/e9175fec5d0c4d42de24ed6d84a06d504d5e5a09/ca-bundle.crt
链接提供的证书解决了问题。
将下载的证书放在php.ini的当前目录下的extras/ssl/下面。
然后在php.ini文件中加入
curl.cainfo="真实路径/ca-bundle.crt"(curl扩展是必须开启的)
解决参考原文:
Thanks @Mladen Janjetovic,
Your suggestion worked for me in mac with ampps installed.
Copied: http://curl.haxx.se/ca/cacert.pem
To: /Applications/AMPPS/extra/etc/openssl/certs/cacert.pem
And updated php.ini with that path and restarted Apache:
[curl]
; A default value for the CURLOPT_CAINFO option. This is required to be an
; absolute path.
curl.cainfo="/Applications/AMPPS/extra/etc/openssl/certs/cacert.pem"
openssl.cafile="/Applications/AMPPS/extra/etc/openssl/certs/cacert.pem"
And applied same setting in windows AMPPS installation and it worked perfectly in it too.
[curl]
; A default value for the CURLOPT_CAINFO option. This is required to be an
; absolute path.
curl.cainfo="C:/Ampps/php/extras/ssl/cacert.pem"
openssl.cafile="C:/Ampps/php/extras/ssl/cacert.pem"
Same for wamp.
[curl]
; A default value for the CURLOPT_CAINFO option. This is required to be an
; absolute path.
curl.cainfo="C:/wamp/bin/php/php5.6.16/extras/ssl/cacert.pem"
openssl.cafile="C:/wamp/bin/php/php5.6.16/extras/ssl/cacert.pem"
share
edited Jan 16 at 23:18
answered Jan 28 '16 at 2:13
Damodar Bashyal
463 1 6 26
add a comment
up vote
15
down vote
When you view the http://curl.haxx.se/docs/caextract.html page, you will notice in big letters a section called:
RSA-1024 removed
Read it, then download the version of the certificates that includes the 'RSA-1024' certificates.https://github.com/bagder/ca-bundle/blob/e9175fec5d0c4d42de24ed6d84a06d504d5e5a09/ca-bundle.crt
Those will work with Mandrill.
Disabling SSL is a bad idea.
————————————————
版权声明:本文为CSDN博主「从心所愿」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/sanbingyutuoniao123/article/details/71124655
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
