[phpxmlrpc] ssl verifyhost patch
giunta.gaetano at sea-aeroportimilano.it
Tue Apr 4 10:24:36 BST 2006
In fact, if you look for patch #1450156 you will see there was a recent proposal for setting CAINFO.
It has been implemented as a new client method: SetCACertificate(), and it is now in CVS.
I think there would be no problems in adding a CAPath parameter to that method.
btw: the two options are mutually exclusive, are they?
> -----Original Message-----
> From: phpxmlrpc-bounces at lists.usefulinc.com
> [mailto:phpxmlrpc-bounces at lists.usefulinc.com]On Behalf Of Who Knows
> Sent: Monday, April 03, 2006 10:32 PM
> To: phpxmlrpc at lists.usefulinc.com
> Subject: [phpxmlrpc] ssl verifyhost patch
> In order for curl to verify a peer, the curl library must
> know where the
> trusted certificate authority certificates are.
> This is usually done by either putting all the trusted certs
> in one file
> or a directory of them which is indexed using an openssl
> utility. ( at
> least this it true on most Linux implementations )
> Reading one php reference it is possible to specify the
> CURLOP_CAINFO (
> all trusted certificate authority certs in one file ) by setting some
> environment variable with the full path to the file containing the
> certs. I suppose this could be done by setting that in the
> apache conf,
> but I prefer the path method, and programatic control.
> The enclosed patch adds two variables, and two functions to set the
> variables in the xmlrpc client class. The patch also
> hopefully correctly
> implements them where needed.
> I have successfully tested these on a Linux dstribution.
More information about the phpxmlrpc