Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

file_get_contents ignoring verify_peer=>false?

Tags:

php

https

ssl

file_get_contents with https hosts works just fine, except for a particular host (test api server from some company - ip whitelisted, can't give you URL to test). This rules out not loaded https modules and other initial setup mistakes.

I have tested with multiple PHP installations, all at v5.3.3, 32bits, Debian 32bits.

The request works with cURL, but only if setting curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);. However, setting verify_peer"=>false on the context for file_get_contents seems to make no difference.

With file_get_contents, the exact same request (same URL, same XML POST data) fails with SSL: Connection reset by peer:

$arrContextOptions=array(
    "http" => array(
        "method" => "POST",
        "header" => 
            "Content-Type: application/xml; charset=utf-8;\r\n".
            "Connection: close\r\n",
        "ignore_errors" => true,
        "timeout" => (float)30.0,
        "content" => $strRequestXML,
    ),
    "ssl"=>array(
        "allow_self_signed"=>true,
        "verify_peer"=>false,
    ),
);

file_get_contents("https://somedomain:2000/abc/", false, stream_context_create($arrContextOptions));

.

Has anyone encountered this with file_get_contents? Any ideas how to debug?

like image 215
Tiberiu-Ionuț Stan Avatar asked Feb 25 '13 21:02

Tiberiu-Ionuț Stan

2 Answers

You missed verify_peer_name. If you set that to false as well, the request works:

$arrContextOptions=array(
    "http" => array(
        "method" => "POST",
        "header" => 
            "Content-Type: application/xml; charset=utf-8;\r\n".
            "Connection: close\r\n",
        "ignore_errors" => true,
        "timeout" => (float)30.0,
        "content" => $strRequestXML,
    ),
    "ssl"=>array(
        "allow_self_signed"=>true,
        "verify_peer"=>false,
        "verify_peer_name"=>false,
    ),
);

file_get_contents("https://somedomain:2000/abc/", false, stream_context_create($arrContextOptions));
like image 58
Skeets Avatar answered Sep 18 '22 15:09

Skeets

dont' know if this will actually help, but do try removing the SSL options from your option array.

The reason behind this: according to http://www.php.net/manual/en/context.ssl.php , verify_peer is false by default.

allow_self_signed REQUIRES verify_peer, and is false by default.

From the above, I gather that allow_self_signed probably overrides your setting for verify_peer.

So please try without any option for SSL, or without the allow_self_signed, and let us know if that helped any.

like image 20
Nick Andriopoulos Avatar answered Sep 18 '22 15:09

Nick Andriopoulos
Sign in to Comment

Related questions

Passing data from MVC Controller to View in PHP
OOP Best Practices (specifically PHP)
PHP autoloader class vs. procedural autoloader function?
Association mapping with mapped superclass
How to submit additional Form Data to Blueimp Uploader?
Using Symfony 2 CLI tools, how can I generate getters and setters with correct type hinting for sub-classes?
Codeigniter subdomain routing
How does PHP’s array memory usage management work?
Using PHP Imagine to apply a mask
Create sub Module folders in laravel 5.1 using pingpong package
Nginx / PHP FPM graceful stop (SIGQUIT): not so graceful
WP_Ajax_UnitTestCase does not throw WPAjaxDieStopException
How can I access Database Adapter in ZF2 Field Set?
Create numbers within an array that add up to a set amount
Building a simple RESTful api
How do I configure PHP + Apache on Amazon EC2?
Get/set DPI with PHP GD/Imagick?
A/B Testing Frameworks for PHP [closed]
PDO much slower than mysql query?
Symfony2 Form Dynamic Choice Field With EAV Returned Values

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!