带有自签名证书的 POST 请求
我将使用 PHP 将一些数据从站点 A 发布到站点 B.站点 A 具有商业 SSL 证书.站点 B 将拥有一个自签名证书.这是可行的吗?如果没有,我可以设置 PHP(或 Apache)中的任何配置选项以绕过限制吗?
I'm going to POST some data from site A to site B using PHP. Site A has a commercial SSL certificate. Site B is going to have a self-signed certificate. Is this doable? If not, are there any configuration options in PHP (or Apache) that I can set to bypass the restrictions?
推荐答案
大概你会在服务器 A 上使用 curl?curl 中有几个选项可以禁用证书验证,这将允许自签名证书通过.该链接仍将被加密,但您将无法信任服务器 B 真的 IS 服务器 B:
Presumably you'll be using curl on server A? There's a couple options in curl to disable certificate validation, which'll allow self-signed certs through. The link will still be encrypted, but you won't be able to trust that server B really IS server B:
curlopt_ssl_verifypeer (checking the CA auth chain)
curlopt_ssl_verifyhost (hostname/certname match checks)
示例 PHP 代码:
$ch = curl_init("https://example.com/example/path");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$response = curl_exec($ch);
相关文章