Question

Headers not sent when making a cURL/PHP request over HTTPS

Posted May 9, 2016 14k views
UbuntuPHPLAMP Stack

If I make a request over HTTP with cURL/PHP, the headers (SOAPAction etc) are being sent. However if I send the same request over HTTPS, the headers are not being sent. Could this be related to a cURL bug or some type of configuration setting for Curl/PHP?

Add a comment
esotm
By:
esotm
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
gparent May 9, 2016

Hard to tell because we have absolutely no idea how you’re using Curl.

Reply Report
moisey May 9, 2016

This is because HTTPS requires exchanging and verify the SSL cert which protects the URL so if you hit an HTTPS URL you will receive an error because you aren’t handling the security translation.

// Initialize session and set URL.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);

// Set so curl_exec returns the result instead of outputting it.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

// Get the response and close the channel.
$response = curl_exec($ch);
curl_close($ch);

Will generate this error:

Failed: Error Number: 60. Reason: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

You can mitigate this with an insecure setting update, just add this line before calling curl:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

Otherwise you need to set CURLOPT_CAINFO to a CA certificate authority that should be trusted.

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "path/to/trusted/cert");
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help