Menu
I am having an issue where my SSL certificate subject name 'does match' the target host name but yet it throws the error
bash-4.1$ curl -X GET --cacert ./server-cert.pem --cert ./client-cert.pem --key ./client-key.pem 'https://PHXC02NX7CBG3QD:9001'
curl: (51) SSL: certificate subject name 'PHXC02NX7CBG3QD' does not match target host name 'PHXC02NX7CBG3QD'
As it can be seen that both the names are matching yet an error is thrown for reasons unkonwn.
Any help will be appreciated .Thanks in advance!
582
curl performs peer SSL certificate validation by default. This is done using a certificate store that the SSL library can use to make sure the peer's server certificate is valid.
Subject is the certificate's common name and is a critical property for the certificate in a lot of cases if it's a server certificate and clients are looking for a positive identification. As an example on an SSL certificate for a web site the subject would be the domain name of the web site.
To force Curl to bypass SSL certificate validation for local development servers, you can pass the -k or --insecure option to the Curl command. This option explicitly tells Curl to perform “insecure” SSL connections and file transfers.
If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.
Just pass CURLOPT_SSL_VERIFYHOST equals to FALSE in curl request
$url = 'https://aa.com';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
if (curl_exec($ch) === false) {
echo 'Curl error: ' . curl_error($ch);
} else {
echo 'Operation completed without any errors';
}
$content = curl_exec($ch);
curl_close($ch);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
