This article mainly shares with you the analysis and solutions to the error reporting problem of Curl https skipping ssl authentication in PHP. I hope it can help everyone.
function get($url = '', $cookie = ''){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //将curl_exec()获取的信息以文件流的形式返回,而不是直接输出。
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // 对认证证书来源的检查
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); // 从证书中检查SSL加密算法是否存在
curl_setopt($ch, CURLOPT_SSLVERSION, 2);//设置SSL协议版本号
if($cookie){
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
curl_setopt ($ch, CURLOPT_REFERER,'https://wx.qq.com');
}
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); $output = curl_exec($ch); if ( curl_errno($ch) ) return curl_error($ch);
curl_close($ch); return $output;
}
The above method is the function for user curl to initiate https request. The CURLOPT_SSLVERSION item specifies the SSL protocol version. Many codes on the Internet say that it can be set to 1/2/3, but the results of my test are as follows:
-
When set to 1, the following error will be reported in PHP 5.2.11 version:
“error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)”
Error reported here The reason is that the version of openssl in your php is too low. The solution is to upgrade your php to 5.3.60 (I haven’t tested which version is higher, it should be ok as long as the openssl version is greater than 0.9.8) When set to 2, the following error will be reported:
Linux environment error: "SSL version range is not valid."
Windows environment error: "OpenSSL was built without SSLv2 support"
This should be easier to understand because the version number of the SSL protocol is invalid.When set to 3, the following error will be reported:
Linux environment error: "Encountered end of file".
Error reported in Windows environment: “Unknown SSL protocol error in connection to login.wx.qq.com:443 ”
After checking the information online, I think the reason for this error is due to security vulnerabilities in SSLV2 and SSLV3, so WeChat has The SSLV2 and SSLV3 protocol versions are no longer used, so an error will occur when we set it to 3.
function get($url = '', $cookie = ''){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //将curl_exec()获取的信息以文件流的形式返回,而不是直接输出。
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // 对认证证书来源的检查
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); // 从证书中检查SSL加密算法是否存在
curl_setopt($ch, CURLOPT_SSLVERSION, 2);//设置SSL协议版本号
if($cookie){
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
curl_setopt ($ch, CURLOPT_REFERER,'https://wx.qq.com');
}
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); $output = curl_exec($ch); if ( curl_errno($ch) ) return curl_error($ch);
curl_close($ch); return $output;
}
The above method is the function for user curl to initiate https request. The CURLOPT_SSLVERSION item specifies the SSL protocol version. Many codes on the Internet say that it can be set to 1/2/3, but I tested it. The result is as follows:
When set to 1, the following error will be reported in PHP 5.2.11 version:
“error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)”
The reason for the error reported here is that the version of openssl in your php is too low. The solution is to upgrade your php to 5.3.60 (I have not tested which version is higher than it. It should be as long as the openssl version is greater than 0.9.8. Yes)When set to 2, the following error will be reported:
Linux environment error: "SSL version range is not valid."
Windows environment error: "OpenSSL was built without SSLv2 support”
This should be easier to understand, that is, the version number of the SSL protocol is invalid.When set to 3, the following error will be reported:
Linux environment error:” Encountered end of file”.
Error reported in Windows environment: “Unknown SSL protocol error in connection to login.wx.qq.com:443 ”
After checking the information online, I think the reason for this error is due to SSLV2 and SSLV3 There are security holes, so WeChat no longer uses SSLV2 and SSLV3 protocol versions, so an error will occur when we set it to 3.
Related recommendations:
Configuring SSL authentication (https) used by PHP in Nginx environment
The above is the detailed content of Curl https skips ssl authentication in PHP and reports error. For more information, please follow other related articles on the PHP Chinese website!
PHP Email: Step-by-Step Sending GuideMay 09, 2025 am 12:14 AMPHPisusedforsendingemailsduetoitsintegrationwithservermailservicesandexternalSMTPproviders,automatingnotificationsandmarketingcampaigns.1)SetupyourPHPenvironmentwithawebserverandPHP,ensuringthemailfunctionisenabled.2)UseabasicscriptwithPHP'smailfunct
How to Send Email via PHP: Examples & CodeMay 09, 2025 am 12:13 AMThe best way to send emails is to use the PHPMailer library. 1) Using the mail() function is simple but unreliable, which may cause emails to enter spam or cannot be delivered. 2) PHPMailer provides better control and reliability, and supports HTML mail, attachments and SMTP authentication. 3) Make sure SMTP settings are configured correctly and encryption (such as STARTTLS or SSL/TLS) is used to enhance security. 4) For large amounts of emails, consider using a mail queue system to optimize performance.
Advanced PHP Email: Custom Headers & FeaturesMay 09, 2025 am 12:13 AMCustomheadersandadvancedfeaturesinPHPemailenhancefunctionalityandreliability.1)Customheadersaddmetadatafortrackingandcategorization.2)HTMLemailsallowformattingandinteractivity.3)AttachmentscanbesentusinglibrarieslikePHPMailer.4)SMTPauthenticationimpr
Guide to Sending Emails with PHP & SMTPMay 09, 2025 am 12:06 AMSending mail using PHP and SMTP can be achieved through the PHPMailer library. 1) Install and configure PHPMailer, 2) Set SMTP server details, 3) Define the email content, 4) Send emails and handle errors. Use this method to ensure the reliability and security of emails.
What is the best way to send an email using PHP?May 08, 2025 am 12:21 AMThebestapproachforsendingemailsinPHPisusingthePHPMailerlibraryduetoitsreliability,featurerichness,andeaseofuse.PHPMailersupportsSMTP,providesdetailederrorhandling,allowssendingHTMLandplaintextemails,supportsattachments,andenhancessecurity.Foroptimalu
Best Practices for Dependency Injection in PHPMay 08, 2025 am 12:21 AMThe reason for using Dependency Injection (DI) is that it promotes loose coupling, testability, and maintainability of the code. 1) Use constructor to inject dependencies, 2) Avoid using service locators, 3) Use dependency injection containers to manage dependencies, 4) Improve testability through injecting dependencies, 5) Avoid over-injection dependencies, 6) Consider the impact of DI on performance.
PHP performance tuning tips and tricksMay 08, 2025 am 12:20 AMPHPperformancetuningiscrucialbecauseitenhancesspeedandefficiency,whicharevitalforwebapplications.1)CachingwithAPCureducesdatabaseloadandimprovesresponsetimes.2)Optimizingdatabasequeriesbyselectingnecessarycolumnsandusingindexingspeedsupdataretrieval.
PHP Email Security: Best Practices for Sending EmailsMay 08, 2025 am 12:16 AMThebestpracticesforsendingemailssecurelyinPHPinclude:1)UsingsecureconfigurationswithSMTPandSTARTTLSencryption,2)Validatingandsanitizinginputstopreventinjectionattacks,3)EncryptingsensitivedatawithinemailsusingOpenSSL,4)Properlyhandlingemailheaderstoa
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Zend Studio 13.0.1
Powerful PHP integrated development environment
SublimeText3 English version
Recommended: Win version, supports code prompts!
