Allow self-signed certificates for HTTPS wrapper

Francois Bourgeois picture Francois Bourgeois · Jan 11, 2013 · Viewed 12.5k times · Source

Basically i have this:

function request($url) {
    return file_get_contents($url, false, stream_context_create(array(
        "ssl" => array(
            "verify_peer" => true,
            "allow_self_signed" => false,
        )
    )));
}

request("https://[A]");
request("https://[B]");

Where [A] is some URL on a server with a "real" certificate and [B] is something on one with only a self-signed certificate.

With [A] it works fine, with [B] i get this:

file_get_contents(): Failed to enable crypto

Which is a rather unfortunate error message that should have been something like "server certificate verification failed", but fine...

Now i thought: "ok, [B] is my test system - i don't care for the certificate" and changed the context into this:

"verify_peer" => false,
"allow_self_signed" => true,

It should now accept any server certificate, even my self signed one. But it's still the same behavior - [A] works, [B] doesn't. Why?


Btw: I know that it works well with the curl extension, but i want to beat this without it.

Answer

bryan picture bryan · Jan 6, 2015

This works for me. Good luck.

$context = [ 'http' => [ 'method' => 'GET' ], 'ssl' => [ 'verify_peer' => false, 'allow_self_signed'=> true ] ];
$context = stream_context_create($context);
$resp = file_get_contents('https://site/', false, $context);