I know I can explicitly set a certificate that curl should use, but due to the nature of my application, I dont want to have certificate management in my code.
Instead I would like to add the self-signed certificate to /etc/ssl/certs and let curl work.
After digging in goole I found that apparently Curl has its own location for certificates different than the OS /etc/ssl/certs, I also found how I can change it to a custom one by recompiling curl, but I cannot find what is the actual default.
Where should I put all the certificates so that curl and all libraries (guzzle, httpful, etc.) will work with them out of the box without any extra configuration.
My Answer:
The default location for SSL certificates used by PHP curl is typically in the cacert.pem file. You can download the latest version of this file from the curl website (https://curl.haxx.se/docs/caextract.html) and place it in a location that is accessible to your PHP installation.
One common location for this file is in the PHP installation directory, under a folder like /etc/php/7.4/cacert.pem. You can then configure PHP to use this file by setting the curl.cainfo directive in your php.ini file:
curl.cainfo = /etc/php/7.4/cacert.pem
Alternatively, you can set this directive programmatically in your PHP code using the ini_set function:
php
ini_set('curl.cainfo', '/etc/php/7.4/cacert.pem');
By placing the SSL certificates in the cacert.pem file and configuring PHP to use this file, you can ensure that curl and other libraries will work with the certificates out of the box without any extra configuration.
Rate this post
5 of 5 based on 2202 votesComments