I’m confused.
The library for my credit card processor api creates a secure connection with curl.
I have downloaded some certificates from verisign and the location of the cert is set in the CURLOPT_CAINFO of curl.
When I run the script on my live server, all is well, but when I try it on my development machine, I get a curl error:
error setting certificate verify locations: CAfile: certs.pem CApath: none
After reading around I tried the dubious solution of setting CURLOPT_SSL_VERIFYPEER to false. Lo and behold it ‘fixes’ the problem.
I don’t really understand what’s happening here. Is my local machine having problems with the verisign certs? Or could there be some other setup-specific variable that’s causing the failure? Should I need another certificate for my machine which, perhaps my live machine already has?
Any ideas? Before I just remove the peer verification on the dev box?