[Pkg-php-pecl] Bug#886371: php-http looses ca-file-path
Andreas Sachs
as at vsd.volley.de
Thu Jan 4 23:56:30 UTC 2018
Package: php-http
Version: 3.1.0+2.6.0-4
As soon as you set ssl-options the default cainfo/capath get's lost.
Error:
Peer certificate cannot be authenticated with given CA certificates; SSL
certificate problem: unable to get local issuer certificate
If I don't set any ssl options I see the following with strace:
open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 4
open("/etc/ssl/certs/ca-certificates.crt", O_RDONLY) = 4
open("/tmp/phpOi2cQV", O_RDWR|O_CREAT|O_EXCL, 0600) = 4
To reproduce:
$httpOptions = array(
'ssl' => array(
'verifypeer' => 1,
'verifyhost' => 1,
),
'timeout' => 5
);
$request = new \http\Client\Request('GET','https://pear.horde.org/');
$client = new \http\Client('curl');
$client->setOptions($httpOptions);
$client->enqueue($request);
try {
$client->send();
$httpResponse = $client->getResponse($request);
print_r($httpResponse);
} catch (\http\Exception $e) {
print_r($e);
}
I am using Debian 9.3
More information about the Pkg-php-pecl
mailing list