php curl -k or --insecure, -X

Question

With PHP & curl, I need to connect via a proxy to a SSL secured site, and, ignore certificate warnings. My curl command line looks like this:

curl -k -u          


        

Answer 1

To completely disable ssl certificate checking curl knows the option CURLOPT_SSL_VERIFYPEER. If it is set to false certifcate checking will be disabled at all. As the default value is true, you'll have to add:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

From the PHP documentation:

CURLOPT_SSL_VERIFYPEER FALSE to stop cURL from verifying the peer's certificate. Alternate certificates to verify against can be specified with the CURLOPT_CAINFO option or a certificate directory can be specified with the CURLOPT_CAPATH option. TRUE by default as of cURL 7.10. Default bundle installed as of cURL 7.10.

Note that if certificate checking is disabled you can omit the CURLOPT_SSL_VERIFYHOST setting. So the following line can be removed:

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

---

You also asked if the following setting is ok:

curl_setopt($ch, CURLOPT_PROXY, true);

From the PHP documentation:

The HTTP proxy to tunnel requests through.

Means that it accepts a proxy address like '192.168.0.1:3128' if you are using a proxy. true is not meaningful in this case