When trying to use curl with PHP to invoke REST API, we encounter an error and on googling it the simple fix suggested is to set the CURLOPT_SSL_VERIFYPEER option to false.
It turns out that if CURLOPT_SSL_VERIFYPEER is set to false on production systems then API calls could become victims to Man In the middle attachs
The ideal way to resolve this error is to follow the following instructions
1. Download the CA root certificate bundle from http://curl.haxx.se/docs/caextract.html
2. Then set a path to it in your php.ini file, e.g. on Windows:
eg. curl.cainfo=c:\php\cacert.pem
3. Restart your php instance
It turns out that if CURLOPT_SSL_VERIFYPEER is set to false on production systems then API calls could become victims to Man In the middle attachs
The ideal way to resolve this error is to follow the following instructions
1. Download the CA root certificate bundle from http://curl.haxx.se/docs/caextract.html
2. Then set a path to it in your php.ini file, e.g. on Windows:
eg. curl.cainfo=c:\php\cacert.pem
3. Restart your php instance
No comments:
Post a Comment