如何使Guzzle在每个请求上忽略SSL验证

huangapple go评论69阅读模式
英文:

How to make Guzzle ignore ssl verification on each request

问题

I am using Guzzle 7.2 in my Laravel app. When Laravel Filemanager makes a request towards Dropbox, it uses Guzzle. The problem I face is that I get cURL error 60: SSL certificate problem. I have found out that Guzzle throws this error since I am hosting my app on localhost (artisan serve) and it can't validate SSL. I would like to make all Guzzle requests not require SSL verification.

I have found out that Guzzle 4.0 doesn't require SSL verification and it doesn't throw this error. The problem is that I can't define Guzzle 4.0 in composer.json since my other packages require a higher version of Guzzle. I have also found this solution to make Guzzle requests ignore SSL verification:

use GuzzleHttp\Client;

$client = new Client(['verify' => false]);

$response = $client->get('https://example.com/');

The problem with this solution is that Filemanager makes this request, and I have no idea where this request is being made. I can't find that specific part of the code where I could define 'verify' => false. I think the easiest solution would be to make all Guzzle requests with 'verify' => false, making this a "global definition."

I understand all the risks of ignoring SSL, but since I am on localhost, this solution would definitely work for me. I searched the internet, but couldn't find a solution that involves Laravel file manager and disabling Guzzle SSL verification.

Regards.

英文:

I am using Guzzle 7.2 in my Laravel app. When Laravel Filemanager makes request towards Dropbox it uses Guzzle. The problem I face is that I get cURL error 60: SSL certificate problem, I have found out that Guzzle throws this error since I am hosting my app on localhost (artisan serve) and it can't validate ssl. I would like to make all Guzzle requests not to require ssl verification.

I have found out that Guzzle 4.0 doesn't require ssl verification and it doesn't throw this error. The problem is that I can't define Guzzle 4.0 in composer.json since my other packages require higher version of Guzzle. I have also found this solution to make Guzzle request ignore the ssl verifiction

use GuzzleHttp\Client;

$client = new Client(['verify' => false]);

$response = $client->get('https://example.com/');

Problem with this solution is that Filemanager makes this request and I have no idea where this request is being made, I can't find that specifc part of code where I could define 'verify' => false. I think the easiest solution would be make all Guzzle requests with 'verify' => false, make this as "global definition".

I understand all the risks of ignoring ssl, but since I am on localhost this solution would definitely work for me.

I searched the internet, but couldn't find solution that involves Laravel file manager and disabling Guzzle ssl verification.

Regards

答案1

得分: 0

你可以在项目测试中使用这个,但ssl更安全。

$response = $client->withoutVerifying()->get('https://example.com/');

希望这对你有帮助。

英文:

you can use this if your project in testing

but ssl is more secure

$response = $client->withoutVerifying()->get('https://example.com/');

hopefully that is help you

答案2

得分: 0

我找到了一个 php.ini 文件,使用 phpinfo() 可以查看 artisan serve 使用的文件。然后,我下载了 cert.pem 并在 php.ini 中定义了其位置,这样 Guzzle 就能够验证请求。

英文:

I have actually found a php.ini file that artisan serve uses by using phpinfo(). Then I downloaded cert.pem and defined its location in the php.ini and Guzzle was able to verify request.

huangapple
  • 本文由 发表于 2023年4月13日 20:24:46
  • 转载请务必保留本文链接:https://go.coder-hub.com/76005405.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定