开发者

Question about Curl SSL certificates, encryption

I开发者_StackOverflow中文版'm working on a web task automation with curl and not getting the result I want, its for a SSL connection and currently I have Curl set to:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

As I understand it, this means it will just blindly accept any SSL certificate, however what I am unable to understand and seemingly find info on, is whether the data being sent back to the server is now encrypted properly, as per their SSL certificate.. I need to mimic an actual web browser to make this work so if its not sending back the POST as being encrypted, I think this would lead to the problem I am having... any further insight into this is appreciated.


This option simply ignores certificate verification errors (like wrong hostname, untrusted CA etc). The data will be encrypted just like normal SSL connection.

The security risk without verifying peer is that you might be encrypting data for the wrong party.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜