如何在 Windows 上为 PHP 全局设置 CURLOPT_CAINFO?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2694787/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I set CURLOPT_CAINFO globally for PHP on Windows?
提问by YonahW
I understand that I can set the option on any specific instance, however what I would really like is to set something up php.ini or somewhere similar which will handle this across all projects and all instances.
我知道我可以在任何特定实例上设置选项,但是我真正想要的是在 php.ini 或类似的地方设置一些东西,它将在所有项目和所有实例中处理这个问题。
Does anyone know a way for me to accomplish this?
有谁知道我有什么方法可以做到这一点?
EDIT: I am particularly interested in a solution which will allow for the certificates to be in different locations on different servers.
编辑:我对允许证书位于不同服务器上的不同位置的解决方案特别感兴趣。
I am developing on a Windows machine which needs this but deploying to a Linux server which not only doesn't need it but doesn't even have the path indicated.
我正在一台需要它的 Windows 机器上开发,但部署到一个 Linux 服务器,它不仅不需要它,而且甚至没有指明路径。
I understand that I can use conditions to check where the code is running but would prefer to just have it work out of the box. It seems to me that this is really an issue for curl and PHP to handle rather than my code and hence the settings for it belong there.
我知道我可以使用条件来检查代码运行的位置,但更愿意让它开箱即用。在我看来,这确实是 curl 和 PHP 处理的问题,而不是我的代码,因此它的设置属于那里。
回答by Matt
I found the answer here (in the user notes): http://php.net/manual/en/function.curl-setopt.php
我在这里找到了答案(在用户笔记中):http: //php.net/manual/en/function.curl-setopt.php
Just add this to you .ini (note: you cannot use ini_set, although I don't know why you would want to. Thanks @Carlton):
只需将此添加到您 .ini (注意:您不能使用ini_set,尽管我不知道您为什么要使用。谢谢@Carlton):
curl.cainfo=c:\php\cacert.pem
And get that file from: http://curl.haxx.se/docs/caextract.html
并从以下位置获取该文件:http: //curl.haxx.se/docs/caextract.html
Works and you aren't opening yourself up for MITM attacks
有效并且您不会为 MITM 攻击敞开心扉
回答by Pierre
Here is a patch to 'emulate' what we can see on linux when a valid crt data has been found at build time (which is the case for almost all distros):
这是一个补丁,用于在构建时找到有效的 crt 数据时“模拟”我们在 linux 上可以看到的内容(几乎所有发行版都是这种情况):
http://www.php.net/~pierre/patches/curl_cacert_default.txt
http://www.php.net/~pierre/patches/curl_cacert_default.txt
it adds a (system) ini settings to define the path to the cacert, curl.cainfo=c:\curl\ca.crt
它添加了一个(系统)ini 设置来定义 cacert 的路径,curl.cainfo=c:\curl\ca.crt
cacert data can be fetched here: http://curl.haxx.se/docs/caextract.html
cacert 数据可以在这里获取:http://curl.haxx.se/docs/caextract.html
DLL for php 5.3 can be found here: http://www.php.net/~pierre/test/curl-5.3-vc9-x86-ts-nts-cainfodefault.zipDLL for php 5.2 can be found here: http://www.php.net/~pierre/test/curl-5.2-cainfodefault.zip
DLL为PHP 5.3可以在这里找到:http://www.php.net/~pierre/test/curl-5.3-vc9-x86-ts-nts-cainfodefault.zipDLL为PHP 5.2可以在这里找到:HTTP: //www.php.net/~pierre/test/curl-5.2-cainfodefault.zip
Please let me know how it works.
请让我知道它是如何工作的。
回答by Mohamed Fanane
- download cacert.pem add to folder php
- copy url the place of file cacert.pem
[curl] curl.cainfo="C:/xampp/php/cacert.pem"
- 下载 cacert.pem 添加到文件夹 php
- 复制 url 文件 cacert.pem 的位置
[curl] curl.cainfo="C:/xampp/php/cacert.pem"
回答by Carlton
@Matt is right, but I would add that curl.cainfois a PHP_INI_SYSTEMdirective so you must set it in php.ini...using the ini_setfunction in a script will always return false as I found out after too many minutes of head banging
@Matt 是对的,但我想补充一点,curl.cainfo是一个PHP_INI_SYSTEM指令,所以你必须在php.ini 中设置它......在脚本中使用ini_set函数将始终返回 false,因为我在几分钟后发现敲打
回答by protobuf
You could create a wrapper function which sets the option and use php.ini's auto_prepend_file to load the file it's defined in, but your code would have to be changed to use this wrapper function instead.
您可以创建一个包装函数来设置选项并使用 php.ini 的 auto_prepend_file 来加载它在其中定义的文件,但是您的代码必须更改为使用此包装函数。
Example:
例子:
function my_curl_init($url=null) {
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_CAINFO, getcwd().'/cert/ca.crt');
return $ch;
}
