What potential pitfalls should be considered when setting up SSL in PHP?

One potential pitfall when setting up SSL in PHP is not verifying the SSL certificate of the server you are connecting to. This can leave your application vulnerable to man-in-the-middle attacks. To mitigate this risk, you should always verify the SSL certificate of the server before establishing a connection.

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://example.com');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
$response = curl_exec($ch);
curl_close($ch);