I have a site that connects using cURL (latest version) to a secure gateway for payment.
The problem is cURL always returns 0 length content. I get headers only. And only when I set cURL to return headers. I have the following flags in place.
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_URL, $gatewayURI); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_POST, 1);
The header returned is
HTTP/1.1 100 Continue HTTP/1.1 200 OK Date: Tue, 25 Nov 2008 01:08:34 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Content-Length: 0 Content-Type: text/html Set-Cookie: ASPSESSIONIDxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; path=/ Cache-control: private
I have also tried cURL'ing different sites and they return content fine. I think the problem might have something to do with the https connection.
I have spoken with the company and they are unhelpful.
Has anyone else experienced this error and know a work around? Should I ditch cURL and try and use
Thank you. :)
You should also try checking the error messages in curl_error(). You might need to do this once after each curl_* function.
I had the same problem today. Curl comes with an outdated file to authenticate HTTPS certificates from.
get the new one from:
save it into some dir on your site
curl_setopt ($curl_ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");
To every request :-)
IGNORE any dumbass comments about disabling CURLOPT_VERIFYPEER and CURLOPT_VERIFYHOST!! That leaves your code vulnerable to man in the middle attacks!
December 2016 edit:
Solve this properly by using Jasen's method mentioned below.
curl.cainfo=/etc/ssl/certs/ca-certificates.crt to you php.ini
October 2017 edit:
There is now a composer package that helps you manage the ca certificates, so that you're not vulnerable if your cacert.pem becomes outdated due to revoking certificates.
composer require paragonie/certainty:dev-master