1
votes

I am trying to connect to secure link using CURL.

I have set the following two parameters in CURL of PHP page

curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, TRUE);

curl_setopt ($ch, CURLOPT_CAINFO, "/cacert.pem");

But still I am getting the below error :SSL error.

After Adding the pem file now in NGINX Server i am getting the error as below in NGINX SSL3_GET_RECORD:decryption failed or bad record mac

The Same PEM file works on the Windows WAMP Server but its not working in NGINX Server.

Please let me know if anything else i am missing.

3

3 Answers

0
votes

Basically curl used to include a list of accepted CAS, but it will not accept longer bundles ANY CA certs. So by default it will reject all SSL certificates as unverifiable.

You'll have to get your CA's cert and point curl at it. More details here

0
votes

I think you are using self-signed certificate. You should add it to your CA bundle. So that, curl can trusted it.

Alternatively you can use

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
0
votes

SSL3_GET_RECORD:decryption failed or bad record mac

  • The above error was fixed by forcing the SSL version to 3.

curl_setopt($ch, CURLOPT_SSLVERSION, 3);

  • To aviod breaks in the transfer

curl_setopt ($ch, CURLOPT_TIMEOUT,0);

The above changes worked for me.