Turn on debug Mode and you find the following log.
code:
————————————————————-
Try {
# 1. The init curl
$ch = curl_init ();
# 2. Set the option
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postFields);
if ($headerFields! = NULL){
curl_setopt($ch, CURLOPT_HTTPHEADER, $headerFields);
}
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt ($ch, CURLOPT_SSLCERT, self: : CLIENT_CRT);
Curl_setopt ($ch, CURLOPT_SSLKEY, self: : CLIENT_KEY);
Curl_setopt ($ch, CURLOPT_VERBOSE, 1); #debug mode
Curl_setopt ($ch, CURLOPT_STDERR, fopen (“/TMP/curl_ssl. Log “, “w +”)); #debug mode, print log to:/TMP/curl_SSL.log
# 3.execute curl and get response
$result = curl_exec($ch);
Log::info(” info: HttpMethod:: http_post-get Result:”.$Result);
$rlt_array = json_decode($result, true);
$rsp_array = curl_getinfo ($ch);
Log: : info ($rsp_array);
# 4. Release the curl
curl_close ($ch);
} catch (\Exception $e) {
Log: : info ($e);
}
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — –
/tmp/curl_ssl.log:
————————————————————-
* About to connect() to 180.101.147.89 Port8743 (#1)
* Trying 180.101.147.89…
* Connected to 180.101.147.89(180.101.147.89) Port 8743 (#1)
* NSS error -5938(PR_END_OF_FILE_ERROR)
* Encountered end of file
* Closing connection 1
————————————————————-
Found an error calling HTTPS with the curl command:
————————————————————-
[root@localhost ~]# curl https://*.*.*.*
curl: (35) Encountered end of file
————————————————————-
Reason: You need to force the SSL version. Such as:
-2, –sslv2 Use sslv2 (SSL)
-3, Sslv3 Use sslv3 (SSL)
–ssl-allow-beast allow security arrest to improve interop (SSL)
–stderr FILE Where to redirect stderr.-means stdout
–tcp-nodelay Use the ctod TCP_NODELAY option
-t, –telnet-option OPT=VAL Set Telnet option
–tftp-blksize VALUE Set TFTP blksize option (must be > 512)
-z, –time-cond time Transfer based on a time condition
-1, –tlsv1 Use => TLSv1 (SSL)
– tlsv1.0 Use tlsv1.0 (SSL)
– tlsv1.1 Use tlsv1.1 (SSL)
– tlsv1.2 Use tlsv1.2 (SSL)
Add parameters — TLSV1 solves the problem:
[root@localhost conf.d]# curl –tlsv1 https://*.*.*.*
curl: (60) Peer’s certificate issuer hasbeen marked as not trusted by the user.
More details here: http://curl.haxx.se/docs/sslcerts.html
…
Reference: http://php.net/manual/en/function.curl-setopt.php
Select the SSL version you want: