wamp安装curl扩展的方法:

http://blog.csdn.net/superuser007/article/details/5781095

安装出现 PHP Extension "curl" must be loaded 错误。
解决方法如下:
1> 在 WAMP或XAMPP 目录下“搜索”功能查找到 httpd.conf:

#LoadModule rewrite_module modules/mod_rewrite.so

LoadModule rewrite_module modules/mod_rewrite.so

(只是去除 # 号)

2> 用上面同样的方法查找到 php.ini( 这里可能有两个 php.ini 文件,两个都要改 )

;extension=php_mcrypt.dll

extension=php_mcrypt.dll

;extension=php_curl.dll

extension=php_curl.dll

;extension=php_pdo_mysql.dll

extension=php_pdo_mysql.dll

( 只是去除 ; )

http 使用curl发起https请求

今天一个同事反映,使用curl发起https请求的时候报错:“SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed”

很明显,验证证书的时候出现了问题。

使用curl如果想发起的https请求正常的话有2种做法:

方法一、设定为不验证证书和host。

在执行curl_exec()之前。设置option

$ch = curl_init();

......

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);

方法二、设定一个正确的证书。

本地ssl判别证书太旧,导致链接报错ssl证书不正确。

我们需要下载新的ssl 本地判别文件

http://curl.haxx.se/ca/cacert.pem

放到 程序文件目录

curl 增加下面的配置

curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,true); ;
   curl_setopt($ch,CURLOPT_CAINFO,dirname(__FILE__).'/cacert.pem');

大功告成

(本人验证未通过。。。报错信息为:SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed)

如果对此感兴趣的话可以参看国外一大神文章。http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-https-ssltls-protected-sites/

为了防止某天该文章被Q今复制过来。内容如下:

Using cURL in PHP to access HTTPS (SSL/TLS) protected sites

From PHP, you can access the useful cURL Library (libcurl) to make requests to URLs using a variety of protocols such as HTTP, FTP, LDAP and even Gopher. (If you’ve spent time on the *nix command line, most environments also have the curl command available that uses the libcurl library)

In practice, however, the most commonly-used protocol tends to be HTTP, especially when using PHP for server-to-server communication. Typically this involves accessing another web server as part of a web service call, using some method such as XML-RPC or REST to query a resource. For example, Delicious offers a HTTP-based API to manipulate and read a user’s posts. However, when trying to access a HTTPS resource (such as the delicious API), there’s a little more configuration you have to do before you can get cURL working right in PHP.

The problem

If you simply try to access a HTTPS (SSL or TLS-protected resource) in PHP using cURL, you’re likely to run into some difficulty. Say you have the following code: (Error handling omitted for brevity)

// Initialize session and set URL.
$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url);
// Set so curl_exec returns the result instead of outputting it.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Get the response and close the channel.
$response = curl_exec($ch);
curl_close($ch);

If $url points toward an HTTPS resource, you’re likely to encounter an error like the one below:

Failed: Error Number: 60. Reason: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

The problem is that cURL has not been configured to trust the server’s HTTPS certificate. The concepts of certificates and PKI revolves around the trust of Certificate Authorities (CAs), and by default, cURL is setup to not trust any CAs, thus it won’t trust any web server’s certificate. So why don’t you have problems visiting HTTPs sites through your web browser? As it happens, the browser developers were nice enough to include a list of default CAs to trust, covering most situations, so as long as the website operator purchased a certificate from one of these CAs.

The quick fix

There are two ways to solve this problem. Firstly, we can simply configure cURL to accept any server(peer) certificate. This isn’t optimal from a security point of view, but if you’re not passing sensitive information back and forth, this is probably alright. Simply add the following line before calling curl_exec():

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

This basically causes cURL to blindly accept any server certificate, without doing any verification as to which CA signed it, and whether or not that CA is trusted. If you’re at all concerned about the data you’re passing to or receiving from the server, you’ll want to enable this peer verification properly. Doing so is a bit more complicated.

The proper fix

The proper fix involves setting the CURLOPT_CAINFO parameter. This is used to point towards a CA certificate that cURL should trust. Thus, any server/peer certificates issued by this CA will also be trusted. In order to do this, we first need to get the CA certificate. In this example, I’ll be using the https://api.del.icio.us/ server as a reference.

First, you’ll need to visit the URL with your web browser in order to grab the CA certificate. Then, (in Firefox) open up the security details for the site by double-clicking on the padlock icon in the lower right corner:

Then click on “View Certificate”:

Bring up the “Details” tab of the cerficates page, and select the certificate at the top of the hierarchy. This is the CA certificate.

Then click “Export”, and save the CA certificate to your selected location, making sure to select the X.509 Certificate (PEM) as the save type/format.

Now we need to modify the cURL setup to use this CA certificate, with CURLOPT_CAINFO set to point to where we saved the CA certificate file to.

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "/CAcerts/BuiltinObjectToken-EquifaxSecureCA.crt");

The other option I’ve included, CURLOPT_SSL_VERIFYHOST can be set to the following integer values:

If you have CURLOPT_SSL_VERIFYPEER set to false, then from a security perspective, it doesn’t really matter what you’ve set CURLOPT_SSL_VERIFYHOST to, since without peer certificate verification, the server could use any certificate, including a self-signed one that was guaranteed to have a CN that matched the server’s host name. So this setting is really only relevant if you’ve enabled certificate verification.

This ensures that not just any server certificate will be trusted by your cURL session. For example, if an attacker were to somehow redirect traffic from api.delicious.com to their own server, the cURL session here would not properly initialize, since the attacker would not have access to a server certificate (i.e. would not have the private key) trusted by the CA we added. These steps effectively export the trusted CA from the web browser to the cURL configuration.

More information

If you have the CA certificate, but it is not in the PEM format (i.e. it is in a binary or DER format that isn’t Base64-encoded), you’ll need to use something like OpenSSL to convert it to the PEM format. The exact command differs depending on whether you’re converting from PKCS12 or DER format.

There is a CURLOPT_CAPATH option that allows you to specify a directory that holds multiple CA certificates to trust. But it’s not as simple as dumping every single CA certificate in this directory. Instead, they CA certificates must be named properly, and the OpenSSL c_rehash utility can be used to properly setup this directory for use by cURL.

WAMP安装curl扩展并发起https请求相关推荐

  1. php curl 发送https请求失败,php的curl扩展无法发起https请求

    很奇怪的是,file_get_content函数可以对https地址发起请求并且收到响应报文,但是curl就不可以,这是什么原因呢?我已经安装了openssl扩展. function fetch($u ...

  2. http 使用curl发起https请求

    今天一个同事反映,使用curl发起https请求的时候报错:"SSL certificate problem, verify that the CA cert is OK. Details: ...

  3. 用curl发起https请求

    使用curl发起https请求 使用curl如果想发起的https请求正常的话有2种做法: 方法一.设定为不验证证书和host. 在执行curl_exec()之前.设置option $ch = cur ...

  4. http 使用curl发起https请求 error 60 51

    curl_setopt换成 curl_easy_setopt  cacert.pem路径换成字符串 CURLOPT_SSL_VERIFYHOST 解决error 51 大概7.28版本后要设置2,不是 ...

  5. php+安装+curl_linux php安装curl扩展的方法

    linux php安装curl扩展的方法:首先进入php源码目录,执行phpize生成配置文件:然后调用configure生成Makefile文件:接着通过命令"make install&q ...

  6. php查看curl扩展重新安装,关于php安装curl扩展

    php安装curl扩展的方法:首先下载源码包并解压:然后进行预编译并指定安装位置:接着通过"make && make install"安装扩展:最后修改php.in ...

  7. nginx php curl扩展,关于php安装curl扩展

    php安装curl扩展的方法:首先下载源码包并解压:然后进行预编译并指定安装位置:接着通过"make && make install"安装扩展:最后修改php.in ...

  8. 安装php的curl扩展,学习猿地-关于php安装curl扩展

    php安装curl扩展的方法:首先下载源码包并解压:然后进行预编译并指定安装位置:接着通过"make && make install"安装扩展:最后修改php.in ...

  9. linux php curl 安装包下载,linux中php如何安装CURL扩展方法

    如果php已经在系统编译好,后来又需要添加新的扩展. 一种方式就是重新完全编译php,另一种方式就是单独编译扩展库,以extension的形式扩展. 下面以安装curl扩展为例: 1.下载curl安装 ...

最新文章

  1. 个人中心数据接口的开发
  2. android+webview+打不开,webview 在android下无法打开 ?是否为一个bug?请帮忙看下!谢谢!...
  3. oracle json字符串转数组,json字符串转化成json对象(原生方法)
  4. javaone_虚拟化Java应用程序:最佳实践(JavaOne 2011)
  5. Java编写代理服务器(Burp拦截Demo)一
  6. 简明 Python 教程学习笔记_7_文件操作(os、shutil、pathlib )
  7. 再谈拍照,OPPO这次拿什么和iPhone7拼?
  8. HDU 4293 Groups (线性dp)
  9. Linux目录/usr/bin和 /usr/local/bin区别
  10. MyEclipse 8.5配置Tomcat 7.0
  11. 网络安全法对计算机人员的影响,网络安全法的基本原则-网络安全论文-计算机论文.docx...
  12. 客户画像、精准营销与数字化运营
  13. java math.min_Java Math.min() 方法
  14. Appium+python自动化(七)- 初识琵琶女Appium(千呼万唤始出来,犹抱琵琶半遮面)- 上(超详解)...
  15. PS2021安装教程视频方法(附个人详细安装教程)windows版本
  16. 直观打印二叉树的图形
  17. 基于xilinx fpga的ofdm通信系统基带设计_基于嵌入式Wi-Fi处理器的无线系统设计...
  18. 如何配置crontab每天早上6点和7点执行脚本
  19. 英语学习详细笔记(三)代名词
  20. 形式系统(Formale System)-SAT问题

热门文章

  1. 数组使用方法集合(建议收藏)
  2. 前置递增运算符(JS)
  3. Vue 报错Error: No PostCSS Config found解决办法
  4. python 导出数据并发邮件_Python 获取zabbix数据图并发邮件
  5. 如何聊才能突出自己软实力,打动面试官
  6. Nginx负载均衡,ssl原理,生成ssl密钥对,Nginx配置ssl
  7. 7Python全栈之路系列之Django表单
  8. 1.redis单机部署
  9. 31. Next Permutation (java 字典序生成下一个排列)
  10. 获取手机本地的图片或者照相机照像的图片 为头像