cURL SSL certificate problem: self signed certificate Laravel 9-CodePudding

I have an article posting dashboard website, I send a cURL request from the website that I want to show the article on to the dashboard and it returns data, this is the code I'm using:

public function articleData(Request $request, $text){
        $host1 = request()->getHost();
        $host = str_replace('www.', '', $host1);
        $curl = curl_init();
        curl_setopt_array($curl, array(
            CURLOPT_URL => "https://somedomain.com/getData?host=$host&artURL=".strtolower($text),
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_ENCODING => '',
            CURLOPT_MAXREDIRS => 10,
            CURLOPT_TIMEOUT => 0,
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
            CURLOPT_CUSTOMREQUEST => 'GET',
        ));
        $article = curl_exec($curl);
        curl_close($curl);
        $articles = json_decode($article, true);
        return view('Pages.articleTemp')->with('articles', $articles[0]);
 
}

the issue I'm facing is that when I uploaded it to a live server it stopped returning data which made the website throw an error.

I've tried using this

print curl_error($curl);

it returned this error: SSL certificate problem: self signed certificate

I tried using these inside cURL array:

CURLOPT_SSL_VERIFYHOST
CURLOPT_SSL_VERIFYPEER

nothing worked

it is working perfectly on localhost, this is only on the live server.

CodePudding user response：

These options disable SSL

CURLOPT_SSL_VERIFYHOST
CURLOPT_SSL_VERIFYPEER

You likely need to use the URLOPT_CAINFO option or a certificate directory can be specified with the CURLOPT_CAPATH option

This is not a big deal. It's more of a personal pet peeve.
While GET is a valid parameter for CURLOPT_CUSTOMREQUEST
It will work but the PHP manual says:

A custom request method to use instead of "GET" or "HEAD" when doing a HTTP request. This is useful for doing "DELETE" or other, more obscure HTTP requests.

Use CURLOPT_HTTPGET=>true,

You may need to use urlencode() on the URL if they use any characters that violate the generic URI syntax as defined in RFC 3986 - Uniform Resource Identifier (URI): Generic Syntax
An Example

urlencode($text);

I see $request is passed to your function
I do not see any CURLOPT_HTTPHEADER
I see you defined $host which should be in the HTTP Request Header

$request = array();
$request[] = "Host: $host";
CURLOPT_HTTPHEADER=>$request,

CodePudding user response：

cURL error 60: SSL certificate problem: unable to get local issuer certificate error occurs when we try to call the API with the secure https:// protocol in the request URL.

Why cURL Error 60 SSL certificate Occurs?

Your API call try to run request URL with only http:// protocol. You can’t see the error anymore because secure API calls require an SSL certificate or https:// protocol.