Solving SSL/TLS Handshake Issues with cURL
Encountering the infamous cURL error 35, "A problem occurred somewhere in the SSL/TLS handshake," can be frustrating. This error message signifies difficulties establishing a secure connection during HTTPS requests, even though cURL works flawlessly with HTTP protocols.
One common solution attempted is setting CURLOPT_SSL_VERIFYPEER to false, but this proves ineffective. However, the key to resolving this issue lies in providing cURL with the necessary certificate authority information.
Unlike modern browsers, cURL does not possess built-in root certificates. To verify certificates received during SSL connections, it requires an explicit path to a cacerts.pem file. This file contains root certificates that allow cURL to trust the server's certificate.
To configure cURL correctly, follow these steps:
curl_setopt($ch, CURLOPT_CAINFO, '/path/to/cert/file/cacert.pem');
By providing this file, cURL will be able to verify the server's certificate and establish a secure HTTPS connection. The cacerts.pem file can be obtained from the official cURL documentation website.
Remember, this file can be used for all subsequent SSL connections made through cURL, simplifying the setup process.
The above is the detailed content of How to Fix cURL Error 35: \'A Problem Occurred in the SSL/TLS Handshake\'?. For more information, please follow other related articles on the PHP Chinese website!