I am developing a site locally that authenticates against centrifugal signon. One of the steps is to require me to make a curl request to the https resource in order to get the access token.
Part of curl configuration:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
As you can see, I commented on the CURLOPT_SSL_VERIFYHOST parameter. I read on php.net and on various / stackoverflow blogs ( Security Impact of Disabling CURLOPT_SSL_VERIFYHOST (libcurl / openssl) ) that denote these options.
On my development machine it CURLOPT_SSL_VERIFYHOST 2works fine. I just use the php version of vanilla provided in the ubuntu 12.04 php5 package and php5-curl.
The creation process (cloud cloud storage) CURLOPT_SSL_VERIFYHOST 2does not work, so I changed it to false to make sure that this is a problem. Seeing how I obviously did nothing to enable this on my localhost, I don’t know which parameters of the / config directives control this.
I mean, what’s not working is that when you call curl call it returns http_codeof 0when the parameter is VERIFYHOSTset to 2. When I set it to FALSE, it returns a status code200
My question is:
How to enable SSL_VERIFYHOSTin linux window?
Any help would be greatly appreciated. Thank.
source
share