0

Errror requestion token with SSL

For my XAMPP installation on Windows 2003 server, using Yahoo.inc lib to request token get error with CA. If you run the sample.php in the SDK, error will be reported on sample.php line 26 as $session = NULL. Traced into OAuthClient class, function request() need to set one curl option:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

Hope this help if anyone get similar issue.

2 Replies
  • QUOTE (Nguyễn Thái Hưng @ Jan 27 2009, 10:48 PM) <{POST_SNAPBACK}>
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);


    I'm not certain this is actually a good idea. Disabling peer verification means it will "stop cURL from verifying the peer's certificate" (http://us3.php.net/curl_setopt). If certificate verification is failing for you, it's likely an environmental problem. Are you using a debugging proxy of some sort?
    0
  • I'd have to agree with Ryan disabling validation isn't a good security practice.

    Another developer had an issue that Equifax wasn't installed as a CA on their system. That might be worth looking at.
    0

Recent Posts

in OAuth General Discussion YDN SDKs