PHP cURL over SSL

WARNING: Using this method will open you to Man-In-Middle_Attacks. As suggested by Filip Procházka in the comments below, you should get an up to date CA root certificate bundle and use CURLOPT_CAINFO. This article suggests a secure method for dealing with self-signed certificates.

If you’re getting stuck trying to use cURL over https in PHP, try setting both the verify peer and verify host options to false:

$url = 'https://myverysecret.domain/secrets/';
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_exec($curl);

4 thoughts on “PHP cURL over SSL”

    1. Thank you, despite your skewed value system, you raise a very valid point.

      I have updated the article with a warning.

Leave a Reply

Your email address will not be published. Required fields are marked *