我在本地有一個問題(Fedora),我沒有在我的服務器(RedHat)上看到問題。當在apache下運行的腳本中使用php的curl函數時,我無法連接到HTTPS服務器。當我從CLI運行完全一樣的腳本時,它沒有任何連接問題。連接到HTTP服務器沒有問題,只能連接到HTTPS。當我在RedHat服務器上運行完全相同的腳本時,它在apache和CLI下運行良好。PHP的libcurl無法連接到https站點
這裏的腳本:
<?php
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => "https://www.google.com/",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_VERBOSE => true,
]);
$result = curl_exec($ch);
$headers = curl_getinfo($ch);
echo "Result:\n";
var_export($result);
echo "\n\nHeaders:\n";
var_export($headers);
?>
當我apache下運行它,我得到這個輸出:
Result:
false
Headers:
array (
'url' => 'https://www.google.com/',
'content_type' => NULL,
'http_code' => 0,
'header_size' => 0,
'request_size' => 0,
'filetime' => -1,
'ssl_verify_result' => 0,
'redirect_count' => 0,
'total_time' => 0.028444000000000001,
'namelookup_time' => 0.028337000000000001,
'connect_time' => 0.040409,
'pretransfer_time' => 0,
'size_upload' => 0,
'size_download' => 0,
'speed_download' => 0,
'speed_upload' => 0,
'download_content_length' => -1,
'upload_content_length' => -1,
'starttransfer_time' => 0,
'redirect_time' => 0,
'redirect_url' => '',
'primary_ip' => '74.125.226.146',
'certinfo' =>
array (
),
'primary_port' => 443,
'local_ip' => '192.168.5.197',
'local_port' => 39900,
)
..而這在錯誤日誌:
* Adding handle: conn: 0x7fdaff4ba4b0
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 1 (0x7fdaff4ba4b0) send_pipe: 1, recv_pipe: 0
* About to connect() to www.google.com port 443 (#1)
* Trying 74.125.226.146...
* Connected to www.google.com (74.125.226.146) port 443 (#1)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* Unable to initialize NSS database
* Initializing NSS with certpath: none
* Unable to initialize NSS
* Closing connection 1
當CLI運行,我得到這樣的輸出:
* Adding handle: conn: 0x7fb9c7c6b670
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fb9c7c6b670) send_pipe: 1, recv_pipe: 0
* About to connect() to www.google.com port 443 (#0)
* Trying 74.125.226.148...
* Connected to www.google.com (74.125.226.148) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using SSL_RSA_WITH_RC4_128_SHA
* Server certificate:
* subject: CN=www.google.com,O=Google Inc,L=Mountain View,ST=California,C=US
* start date: Dec 11 12:02:58 2013 GMT
* expire date: Apr 10 00:00:00 2014 GMT
* common name: www.google.com
* issuer: CN=Google Internet Authority G2,O=Google Inc,C=US
> GET/HTTP/1.1
Host: www.google.com
Accept: */*
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=UTF-8
< Location: https://www.google.ca/?gfe_rd=cr&ei=DQLgUsKrCoWN8Qeo9oAo
< Content-Length: 257
< Date: Wed, 22 Jan 2014 17:38:21 GMT
* Server GFE/2.0 is not blacklisted
< Server: GFE/2.0
< Alternate-Protocol: 443:quic
<
* Connection #0 to host www.google.com left intact
Result:
'<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="https://www.google.ca/?gfe_rd=cr&ei=DQLgUsKrCoWN8Qeo9oAo">here</A>.
</BODY></HTML>
'
Headers:
array (
'url' => 'https://www.google.com/',
'content_type' => 'text/html; charset=UTF-8',
'http_code' => 302,
'header_size' => 259,
'request_size' => 53,
'filetime' => -1,
'ssl_verify_result' => 0,
'redirect_count' => 0,
'total_time' => 0.210087,
'namelookup_time' => 0.028376999999999999,
'connect_time' => 0.041487000000000003,
'pretransfer_time' => 0.19747600000000001,
'size_upload' => 0,
'size_download' => 257,
'speed_download' => 1223,
'speed_upload' => 0,
'download_content_length' => 257,
'upload_content_length' => 0,
'starttransfer_time' => 0.210032,
'redirect_time' => 0,
'redirect_url' => 'https://www.google.ca/?gfe_rd=cr&ei=DQLgUsKrCoWN8Qeo9oAo',
'primary_ip' => '74.125.226.148',
'certinfo' =>
array (
),
'primary_port' => 443,
'local_ip' => '192.168.5.197',
'local_port' => 50454,
)
任何想法?謝謝。這是PHP 5.5.7。
我應該提及/ bin/curl也可以,而且我試過設置CURLOPT_CAINFO,但是結果是一樣的。 – Greg