Basically i have this:
function request($url) {
return file_get_contents($url, false, stream_context_create(array(
"ssl" => array(
"verify_peer" => true,
"allow_self_signed" => false,
)
)));
}
request("https://[A]");
request("https://[B]");
Where [A] is some URL on a server with a "real" certificate and [B] is something on one with only a self-signed certificate.
With [A] it works fine, with [B] i get this:
file_get_contents(): Failed to enable crypto
Which is a rather unfortunate error message that should have been something like "server certificate verification failed", but fine...
Now i thought: "ok, [B] is my test system - i don't care for the certificate" and changed the context into this:
"verify_peer" => false,
"allow_self_signed" => true,
It should now accept any server certificate, even my self signed one. But it's still the same behavior - [A] works, [B] doesn't. Why?
Btw: I know that it works well with the curl extension, but i want to beat this without it.
$contextOptions = [
'ssl' => [
'verify_peer' => false,
'allow_self_signed' => true
]
];
$sslContext = stream_context_create($contextOptions);
file_get_contents("https://website.com/", false, $sslContext);
This works for me. Good luck.
$context = [ 'http' => [ 'method' => 'GET' ], 'ssl' => [ 'verify_peer' => false, 'allow_self_signed'=> true ] ];
$context = stream_context_create($context);
$resp = file_get_contents('https://site/', false, $context);