Nothing changed between 4.3.0 -> 4.3.1 in this part
which could cause this bug so it's either an install
error or some build problem by Edin. (I tend to think it's Edin's fault, assigning to him :)

Getting error:
<error>
* About to connect() to login.postini.com:443 * Connected to login.postini.com (64.75.1.252) port 443 * SSL: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed* Closing connection #0 
</error>
Cert is fine, loads with issue in latest versions of Opera, Mozilla and IE.  Was working in the 4.2.1 release of PHP as well via Curl.

That should read "without issue"...

WORKAROUND: Setting CURLOPT_SSL_VERIFYPEER to 0 will bypass error (and security).

Actually I experienced the problem only with the extension, php_curl.dll in the php extensions folder. Simply replacing the dll with the version from 4.3.0 fixed the problem, so I suspected something wrong with one of the dlls.

It was returning blank response when I used curl.

Did you replace _all_ existing extra dlls in your system from the dlls/ folder from the 4.3.1 package?

This doesn't look like a bug but the expected behavior with libcurl 7.10 or later. As can be read with somewhat more details here:

http://curl.haxx.se/lxr/source/SSLCERTS

Not bug -> bogus.

Differences between 4.3.0 php_curl.dll and 4.3.1 is
4.3.0 is 176KB and 4.3.1 is 120KB.

Also, it doesn't work with the php_gd2.dll from 4.3.1, I have to use the php_gd2.dll from 4.3.0, so the problem is probably related to both php_gd2.dll and php_curl.dll, as my script only works when I use the previous versions of both of these files.

The DLLs which I install on Win2k are expat.dll, libeay32.dll, libmhash.dll, sablot.dll, and ssleay32.dll, all from the 4.3.1 release. (overwriting the old DLLs from the previous php)

Here is the code snippet if you want to test:

$URL=""; 
$ch = curl_init();    
curl_setopt($ch, CURLOPT_URL,"https://$URL");  
curl_setopt($ch, CURLOPT_POST, 1); 
curl_setopt($ch, CURLOPT_POSTFIELDS, "");
curl_exec($ch);
curl_close($ch);

It still doesn't work when I tried with

curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);

The line
curl_easy_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
does not work with the script with php 4.3.0
It just runs the script and doesn't do anything about the secure web page!

For Win2000: To get the 4.3.1 curl dll to work with https you now need to download the latest win32 curl library from http://curl.haxx.se and snag the ca-bundle.crt file from the lib directory.

Then in your PHP script, add the following setopt line to the rest of your curl_setopt commands:

curl_setopt($ch, CURLOPT_CAFILE, 'C:\Inetpub\ca-bundle.crt')

This worked for me and allowed me to discontinue using the CURLOPT_SSL_VERIFYPEER set to zero hack.

Scratch the CAFILE method, it doesn't work...my test was flawed :(

I've just tried the ca-bundle.crt method, and confirm that it doesn't seem to work.

By the way, can I use ca-bundle.crt to enable SSL in Apache, and how to find out how to do this?

Resolved. This works with

	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);