CA證書,用來在調用HTTPS資源的時候,驗證對方網站是否是CA頒布的證書,而不是自己隨便生成的
curl命令
1.需要下載CA證書 文件地址是 http://curl.haxx.se/ca/cacert.pem
2.把下載的文件放到這個位置 /etc/pki/tls/certs/ca-bundle.crt
3.curl就可以訪問https的資源了
php代碼
function post($url, $data=array(), $refer = , $timeout = 30, $header = array()){ $curlObj = curl_init(); $ssl = stripos($url, https:// ) === 0 ? true : false; $options = array( CURLOPT_URL = $url, CURLOPT_RETURNTRANSFER = 1, CURLOPT_POST = 1, CURLOPT_POSTFIELDS = $data, CURLOPT_FOLLOWLOCATION = 1, CURLOPT_AUTOREFERER = 1, CURLOPT_USERAGENT = Webface SelfService Form , CURLOPT_TIMEOUT = $timeout, CURLOPT_HTTP_VERSION = CURL_HTTP_VERSION_1_0, CURLOPT_IPRESOLVE = CURL_IPRESOLVE_V4, CURLOPT_REFERER = $refer if (!empty($header)) { $options[CURLOPT_HTTPHEADER] = $header; if ($refer) { $options[CURLOPT_REFERER] = $refer; if ($ssl) { //注意看這里就是配置CA證書 //只信任CA頒布的證書 $options[CURLOPT_SSL_VERIFYPEER]=true; //本地CA證書,用來驗證網站的證書是否是CA頒布的 $options[CURLOPT_CAINFO]=getcwd() . /cacert.pem //驗證域名是否匹配 $options[CURLOPT_SSL_VERIFYHOST] = 2; //忽略證書驗證,信任任何證書 $options[CURLOPT_SSL_VERIFYHOST] = false; $options[CURLOPT_SSL_VERIFYPEER] = false; curl_setopt_array($curlObj, $options); $returnData = curl_exec($curlObj); if (curl_errno($curlObj)) { $returnData = curl_error($curlObj); curl_close($curlObj); return $returnData;$res=post( https://www.baidu.com var_dump($res);
