我正在使用cUrl和PHP向服务器发出请求(用于paypal访问)
I'm working with cUrl and PHP to make a request to a server (for paypal access)
Paypal开发者网站从未提到需要SSL证书使用PayPal访问API,但是我用来请求令牌的代码如下:
Paypal developer website does never mention that an SSL certificate is required to use PayPal access API, however the code that I use to request the token is the following:
$options = array( CURLOPT_URL => $url, CURLOPT_POST => 1, CURLOPT_VERBOSE => 1, CURLOPT_POSTFIELDS => $postvals, CURLOPT_RETURNTRANSFER => 1, CURLOPT_SSLVERSION => 3 ); curl_setopt_array($ch, $options); $response = curl_exec($ch); echo curl_error($ch);此echo输出以下错误:
This echo outputs the following error:
SSL certificate problem: unable to get local issuer certificate问题是:
1)如果我只需要获得用户电子邮件,我需要SSL才能使用paypal访问权限?
1) do I need SSL to use paypal access if I need only to get the user email?
2)如果我不需要SSL为什么会出现此错误?
2) if I do not need SSL why this error occours?
PS:端点如下: www.sandbox.paypal/webapps/auth/protocol/openidconnect/v1/tokenservice
推荐答案正确解决方案是修复您的PHP设置..将CURLOPT_SSL_VERIFYPEER设置为false是快速黑客,但它是错误的,因为您禁用其证书颁发机构的证书验证。
The correct solution is to fix your PHP setup.. setting CURLOPT_SSL_VERIFYPEER to false is a quick hack, but it's wrong as you disable the certificate validation by it's certificate authority. This exposes you to a man-in-the-middle attack.
很容易修复( php 5.3.7或更高版本) - 下载包含最新证书授权中心的列表文件,并将此设置添加到您的 php.ini curl.cainfo =< path-to> cacert.pem
It's easy to fix (php 5.3.7 or higher) - Download a list file with an up-to-date certificate authorities, and add this setting to your php.ini curl.cainfo=<path-to>cacert.pem
重新启动您的网络服务器,它会工作!
Restart your web server, and it'll work !
更多推荐
Paypal访问
发布评论