Knowledgebase
How to use CURL with PHP to get content from SSL-enabled sites
Posted by zz-James Moir on 21 June 2016 04:08 PM

Issue

You wish to use CURL to get information from secure https:// sites but get validation errors. 

Cause

The CURL libraries no longer include a list of certificates to validate against.

As such, these need to be obtained and then referenced in your code.

An example is given below.

Resolution

Obtain CA Certificate bundle in PEM format from http://curl.haxx.se/ca/cacert.pem and save this to a location within the httpdocs directory structure.

Within your code reference this.

An example :

<?php
...

// Set the URL to visit
$url = "https:<somesite/page";

// In this example we are referring to a page that handles xml
$headers = array( "Content-Type: text/xml",);

// Initialise Curl
$curl = curl_init();
if ($curl === false)
{
    throw new Exception(' cURL init failed');
}

// Configure curl for website
curl_setopt($curl, CURLOPT_URL, "https://<somesite>");

// Set up to view correct page type
curl_setopt(#curl, CURLOPT_HTTPHEADER, &$headers);

// Turn on SSL certificate verfication

curl_setopt($curl, CURLOPT_CAPATH, "/usr/local/www/vhosts/<yourdomainname>/httpdocs/cacert.pem");
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, TRUE);

// Tell the curl instance to talk to the server using HTTP POST
curl_setopt($curl, CURLOPT_POST, 1);

// 1 second for a connection timeout with curl
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 5);

// Try using this instead of the php set_time_limit function call
curl_setopt($curl, CURLOPT_TIMEOUT, 60);

// Causes curl to return the result on success which should help us avoid using the writeback option
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

$result = curl_exec($curl);

...
?>