I'm connecting to a remote server using TLS1.1 on PHP 5.3.

When using Zend Framework 2, I get an error:

$client = new Client('https://www.example.com/');  
$curlAdapter = new Client\Adapter\Curl();
$curlAdapter->setCurlOption(CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);
$client->setAdapter($curlAdapter);
$client->send();

Result: Error in cURL request: SSL connect error

Adding this resolves the issue, but is obviously less secure:

$curlAdapter->setCurlOption(CURLOPT_SSL_VERIFYHOST, 2);
$curlAdapter->setCurlOption(CURLOPT_SSL_VERIFYPEER,false);

Result: It works

Making the request using native PHP commands works fine:

$c = curl_init('https://www.example.com/');

$options = array(
    CURLOPT_SSLVERSION => CURL_SSLVERSION_TLSv1_1,
);

curl_setopt_array ($c ,$options );
curl_exec($c);

Returns the contents of the page.

So PHP works, but ZF2 doesn't unless VerifyPeer = false. What's the issue?

Steve E.

1 Answer

It is probably because you are missing one parameter:

 CURLOPT_CAINFO => '/etc/ssl/certs/ca-bundle.pem' // replace with your cert.

It is also possible that you are using different PHP configurations (web / CLI) that point to different places with the SSL certs. Some details are also available here: Security consequences of disabling CURLOPT_SSL_VERIFYPEER (libcurl/openssl)

Axalix
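
The two causes named in the answer (no CA bundle handed to cURL, and the CLI and web SAPIs loading different configurations) can be checked with a short script run under both SAPIs. This is an added example, not code from the question or the answer; the function names are hypothetical and the bundle paths marked "assumed" are common distribution defaults.

```php
<?php
// Added example, not from the original post. Function names are hypothetical.

// Describe the TLS trust configuration of the SAPI running this script.
function describeTrustConfig() {
    $curl = curl_version();
    return array(
        'sapi'        => php_sapi_name(),        // "cli", "apache2handler", ...
        'php_ini'     => php_ini_loaded_file(),  // often differs between CLI and web
        'curl.cainfo' => ini_get('curl.cainfo'), // ini directive, PHP >= 5.3.7
        'ssl_library' => $curl['ssl_version'],
    );
}

// Return the first candidate that is readable and holds a parseable PEM certificate.
function findCaBundle(array $candidates) {
    foreach ($candidates as $path) {
        if (!is_string($path) || $path === '' || !is_readable($path)) {
            continue;
        }
        $pem = file_get_contents($path);
        if (preg_match('/-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----/s', $pem, $m)
            && @openssl_x509_read($m[0]) !== false) {
            return $path;
        }
    }
    return null;
}

// cURL options that keep verification on and name the CA bundle explicitly.
function verifiedCurlOptions($caBundle) {
    return array(
        CURLOPT_SSL_VERIFYPEER => true,  // validate the chain against $caBundle
        CURLOPT_SSL_VERIFYHOST => 2,     // certificate name must match the host
        CURLOPT_CAINFO         => $caBundle,
    );
}

print_r(describeTrustConfig());
$bundle = findCaBundle(array(
    ini_get('curl.cainfo'),
    '/etc/ssl/certs/ca-bundle.pem',        // path from the answer
    '/etc/ssl/certs/ca-certificates.crt',  // assumed: Debian/Ubuntu
    '/etc/pki/tls/certs/ca-bundle.crt',    // assumed: RHEL/CentOS
));
if ($bundle === null) {
    exit("No usable CA bundle found\n");
}
var_dump(verifiedCurlOptions($bundle));
```

Run it once with the CLI binary and once through the web server; differing output points to the second cause the answer describes. The returned options can be passed to `curl_setopt_array()` or, one pair at a time, to `$curlAdapter->setCurlOption()`.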