php curl: SSL_VERIFYPEER option doesn't have effect

Question

I've got this piece of code to launch queries with curl:

function curl_query($full_url, $username, $password, $payload) {
    $additionalHeaders = "";
    $process = curl_init($full_url);
    curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded', $additionalHeaders));
    curl_setopt($process, CURLOPT_HEADER, 0);
    curl_setopt($process, CURLOPT_USERPWD, $username . ":" . $password);
    curl_setopt($process, CURLOPT_TIMEOUT, 30);
    curl_setopt($process, CURLOPT_POST, 1);
    curl_setopt($process, CURLOPT_POSTFIELDS, $payload);
    curl_setopt($process, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($process, CURLOPT_MAXREDIRS, 4);
    curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
    curl_setopt($process, CURLOPT_SSL_VERIFYPEER, FALSE);
    $return = curl_exec($process);
    if ($return === false) {
        error_log("CURL error ".curl_error($process));
    }
    return $return;
}

The option CURLOPT_SSL_VERIFYPEER is set to false so I can read pages with self-signed certificates. However when I execute this code against an https URL I get an error:

CURL error SSL: certificate subject name 'localhost' does not match target host name '192.168.1.1',

I run this code on a CentOS 5 server with php53 package installed.

Thanks in advance

Answer 1

Add the option CURLOPT_SSL_VERIFYHOST

curl_setopt($process, CURLOPT_SSL_VERIFYHOST, FALSE);

I realized, that the english version of the PHP documentation missing this important information:

(translated from the german version of the PHP manual)

CURLOPT_SSL_VERIFYHOST has to be set to true or false if CURLOPT_SSL_VERIFYPEER has been deactivated.

Answer 2

curl_setopt($process, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($process,CURLOPT_SSL_VERIFYHOST, FALSE);

ADD THIS TO LINES WILL HELP