Facebook Connect PHP SDK Curl Peer SSL Verification Error

I'm integrating Facebook Connect into our application. I thought using Facebook Official SDK at http://github.com/facebook/php-sdk is the best way, as it is advertised on FB Developers wiki.

But I couldn't manage to make it work. When investigating the API code, I remembered my previous experiences about CURLOPT_SSL_VERIFYPEER parameter. This parameter has a default value of "true", and in the API it is not set, implicitly it is set as true.

I changed CURLOPT_SSL_VERIFYPEER parameter to false, and problem is solved. Using it as true, what I can get from Graph API for /get/me query was "boolean(false)" however setting it CURLOPT_SSL_VERIFYPEER parameter to false开发者_开发百科 same curl query gave me the user json object.

What I want to ask here is that, what are the side effects of using Facebook PHP SDK as "CURLOPT_SSL_VERIFYPEER" parameter is set to false. More generally, does it make sense if I init a curl session without peer verification.

---

Something is wrong with your PHP installation. Most likely, you don't have the ENTRUST intermediate cert needed to validate SSL certificate. This is their cert chain,

Certificate chain
 0 s:/C=US/ST=California/L=Palo Alto/O=Facebook, Inc./CN=*.facebook.com
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3
 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
 2 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
   i:/C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority

Setting CURLOPT_SSL_VERIFYPEER to false simply disables certificate check. You shouldn't do that in production.

---

Try this, It solved the problem for me

Facebook::$CURL_OPTS[CURLOPT_SSL_VERIFYPEER] = false; Facebook::$CURL_OPTS[CURLOPT_SSL_VERIFYHOST] = 2;