Recently I was playing around with the SSL configurations within my PHP Wrapper Library for Harvest API and noticed that I was getting an access error. As it turns out cURL was behaving properly and trying to verify the SSL Certificate of the server, and as no CA Certificate was associated with the library it threw an exception and would fail. Doing some research on the subject I found myself with 2 viable options either download the server certificate and pass that along with my library or simply turn of validation of the SSL certificate. In my case validation is not important so I decided to turn it off.
The CURLOPT_SSL_VERIFYPEER option
One of the standard cURL options defined in PHP is CURLOPT_SSL_VERIFYPEER. This option is used to specify if when the url is SSL enabled if the certificate should be verified. To disable it simply set the option to false for the cURL instance.
$ch = curl_init();
curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
If you are providing a data feed from your own server instead of accessing one provided by a 3rd party you may want to validate the certificate. In those cases you can find a useful tutorial on how to do so over at unit step.
cURL, HTTPS, PHP, SSL
MDBitz - Matthew Denton
PHP
What is cURL?
Client URL Library or cURL for short is a library of functions designed for the purpose of safely fetching information from remote sites. The purpose of the library is to send a request to a server using a defined protocol (http, https, ftp, etc) and to return the result back to you for usage in your application or script.
How do I use cURL?
Using cURL is a simple 4 or 5 step process depending on your needs.
- Initate a cURL session utilizing curl_init(). This function returns a session handler that you will use for manipulation the request.
$ch = curl_init("http://www.example.com/");
- Set your options for the request utilizing the curl_setopt() function. You can either set these options one at a time or pass an associated array that contains all your options. Complete options can be found at the php.net curl_setopt page but a few basic ones are:
- CURLOPT_RETURNTRANSFER
determines if the result should be outputted as string or directly
- CURLOPT_SSL_VERIFYHOST
determines if the host’s SSL Certificate should be verified
- CURLOPT_POST
set the request to use HTTP POST protocol
- CURLOPT_POSTFIELDS
set the post parameters to be sent with the request
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- Execute the cURL request and if using return transfer as string then set it to a variable.
$resp = curl_exec($ch)
- This is the optional step in that you can obtain information about the request you just performed. One of the main usages is to return the HTTP_CODE that was returned to determine if the request was successfull or if there was an error. To do this you utilize the curl_getinfo() function, full documentation can be found on the php.net curl_getinfo page.
$code = curl_getinfo($ch,CURLINFO_HTTP_CODE);
- Finally once completed you will want to close your session to free up resources. This is done by using the curl_close() function.
Summary
Utilizing the cURL library in your application to talk to remote servers allows you to easily interact with available APIs that are provided by Harvest, Google Analtyics and others. In addition it provides security to your application as you are not running any external scripts on your server only sending a request and obtaining its output.
cURL