Can't connect to HTTPS site using cURL. Returns 0 length content instead. What can I do?

Solution 1:

I had the same problem today. Curl comes with an outdated file to authenticate HTTPS certificates from.

get the new one from:

http://curl.haxx.se/ca/cacert.pem

save it into some dir on your site

and add

curl_setopt ($curl_ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem"); 

To every request :-)

IGNORE any dumbass comments about disabling CURLOPT_VERIFYPEER and CURLOPT_VERIFYHOST!! That leaves your code vulnerable to man in the middle attacks!

December 2016 edit:

Solve this properly by using Jasen's method mentioned below.

add curl.cainfo=/etc/ssl/certs/ca-certificates.crt to you php.ini

October 2017 edit:

There is now a composer package that helps you manage the ca certificates, so that you're not vulnerable if your cacert.pem becomes outdated due to revoking certificates.

https://github.com/paragonie/certainty -> composer require paragonie/certainty:dev-master

Solution 2:

You should also try checking the error messages in curl_error(). You might need to do this once after each curl_* function.

http://www.php.net/curl_error

Solution 3:

Note: This is strictly not production use. If you want to quickly debug, this may be useful. Otherwise, please use @SchizoDuckie's answer above.

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);     
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); 

Just add them. It works.

Solution 4:

Just had a very similar problem and solved it by adding

curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);

Apparently the site I'm fetching redirects to another location and php-curl doesn't follow redirects by default.

Solution 5:

I had a situation where this helped: (PHP 5.4.16 on Windows)

curl_setopt($ch, CURLOPT_SSLVERSION, 3);