Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
PHPMyAdmin on 1-Click LAMP Droplet Question Question
GUI for MongoDB needed to mange Meteor app Question Question

Question

Headers not sent when making a cURL/PHP request over HTTPS

Posted May 9, 2016 18.3k views
UbuntuPHPLAMP Stack

If I make a request over HTTP with cURL/PHP, the headers (SOAPAction etc) are being sent. However if I send the same request over HTTPS, the headers are not being sent. Could this be related to a cURL bug or some type of configuration setting for Curl/PHP?

Add a comment
esotm
By:
esotm

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
PHPMyAdmin on 1-Click LAMP Droplet Question Question
GUI for MongoDB needed to mange Meteor app Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers
gparent May 9, 2016

Hard to tell because we have absolutely no idea how you’re using Curl.

Reply Report
moisey May 9, 2016

This is because HTTPS requires exchanging and verify the SSL cert which protects the URL so if you hit an HTTPS URL you will receive an error because you aren’t handling the security translation.

// Initialize session and set URL.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);

// Set so curl_exec returns the result instead of outputting it.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

// Get the response and close the channel.
$response = curl_exec($ch);
curl_close($ch);

Will generate this error:

Failed: Error Number: 60. Reason: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

You can mitigate this with an insecure setting update, just add this line before calling curl:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

Otherwise you need to set CURLOPT_CAINFO to a CA certificate authority that should be trusted.

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "path/to/trusted/cert");
Reply Report

Related

Looking for something else?

Ask a new question Search for more help