Quote Originally Posted by cptok View Post
This is a very dangerous change. It has come up before in this thread and I DO NOT recommend anyone doing this. The reason that works is because you're stopping SSL cert validation (hence my original suggestion that you had SSL issue). To turn off that verification is a "hack" to make an incorrect SSL cert work anyway, and I do not recommend security eliminating hacks when dealing with credit card data. Do this entirely at your own risk - and accepting all potential consequences - but please do not recommend this as a solution to the QBMS crowd.

You are right however - this appears to be a Windows thing - so proper "fix" for this is to also use CURLOPT_CAINFO to provide validation info to curl.

Thanks for the suggestion of the proper fix.

The code change that was made
From:
curl_setopt($clientURL, CURLOPT_SSL_VERIFYPEER, 1);

To:
curl_setopt($clientURL, CURLOPT_CAINFO, 'c:\\Websites\\cert\\ca-bundle.crt');
curl_setopt($clientURL, CURLOPT_SSL_VERIFYPEER, 1);

This works correctly as far as I could tell, Again this for Window
servers.
Again I want to thank you for your help.