Recently I was playing around with the SSL configurations within my PHP Wrapper Library for Harvest API and noticed that I was getting an access error. As it turns out cURL was behaving properly and trying to verify the SSL Certificate of the server, and as no CA Certificate was associated with the library it threw an exception and would fail. Doing some research on the subject I found myself with 2 viable options either download the server certificate and pass that along with my library or simply turn of validation of the SSL certificate. In my case validation is not important so I decided to turn it off.
The CURLOPT_SSL_VERIFYPEER option
One of the standard cURL options defined in PHP is CURLOPT_SSL_VERIFYPEER. This option is used to specify if when the url is SSL enabled if the certificate should be verified. To disable it simply set the option to false for the cURL instance.
$ch = curl_init(); curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
If you are providing a data feed from your own server instead of accessing one provided by a 3rd party you may want to validate the certificate. In those cases you can find a useful tutorial on how to do so over at unit step.
Comments & Questions
Add Your Comment