I'm having problems with a line of php code that uses curl_exec. If I set the curl parameters for the URL for it to retrieve "http", it works just fine. If I set the URL to "https", the script dies with the output to the browser:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

The error log only shows "premature end of script" and suexec log shows nothing.

curl works fine from the command line with https.

The following SSL line did not help:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

I don't think the problem is with the certificate, as the requested file is retrieved. If I set the following, the output is sent to the screen, however nothing in the script after the curl_exec command is executed, so the script still dies:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);

So curl_exec retrieves the info from the URL, but dies immediately after it displays its output. Any ideas?

Thanks,
bobby


My server info:

WHM 10.8.0 cPanel 10.9.0-S80
RedHat 9 i686 - WHM X v3.1.0

PHP Version 5.2.0

PHP SuExec is enabled

libcurl/7.15.3 OpenSSL/0.9.7a zlib/1.2.3

Server Version: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a PHP-CGI/0.1b
Server Built: Nov 21 2006 00:25:36

'./configure' '--prefix=/usr' '--with-xml' '--enable-bcmath' '--enable-calendar' '--with-curl' '--with-dom' '--with-dom-xslt' '--with-dom-exslt' '--with-swf=/usr/local/flash' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr' '--with-xpm-dir=/usr/X11R6' '--with-gettext' '--with-imap=/usr/local/imap-2004g' '--enable-mbstring' '--enable-mbstr-enc-trans' '--enable-mbregex' '--with-mcrypt' '--with-mhash' '--with-ming=../ming-0.2a' '--enable-magic-quotes' '--with-mysqli' '--with-mysql=/usr' '--with-openssl' '--enable-discard-path' '--with-pear' '--with-pspell' '--enable-sockets' '--enable-track-vars' '--with-ttf' '--with-freetype-dir=/usr' '--enable-gd-native-ttf' '--enable-versioning' '--with-zlib'

I dont know the answer to your question, but maybe this will help...

james@linux:~> curl -q https://sourceforge.net/
curl: (60) error setting certificate verify locations:
CAfile: /usr/share/curl/curl-ca-bundle.crt
CApath: none

More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.

whereas if i specificy the --insecure flag, it works.

james@linux:~> curl -q --insecure https://sourceforge.net/ >> suppressed
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 26053 0 26053 0 0 54106 0 --:--:-- --:--:-- --:--:-- 136k
james@linux:~>

is there a curl_setopt for using insecure mode? If so give that a shot.