[phpxmlrpc] ssl verifyhost patch

Gaetano Giunta giunta.gaetano at sea-aeroportimilano.it
Tue Apr 4 10:24:36 BST 2006


In fact, if you look for patch #1450156 you will see there was a recent proposal for setting CAINFO.
It has been implemented as a new client method: SetCACertificate(), and it is now in CVS.

I think there would be no problems in adding a CAPath parameter to that method.
btw: the two options are mutually exclusive, are they?


> -----Original Message-----
> From: phpxmlrpc-bounces at lists.usefulinc.com
> [mailto:phpxmlrpc-bounces at lists.usefulinc.com]On Behalf Of Who Knows
> Sent: Monday, April 03, 2006 10:32 PM
> To: phpxmlrpc at lists.usefulinc.com
> Subject: [phpxmlrpc] ssl verifyhost patch
> In order for curl to verify a peer, the curl library must 
> know where the 
> trusted certificate authority certificates are.
> This is usually done by either putting all the trusted certs 
> in one file 
> or a directory of them which is indexed using an openssl 
> utility. ( at 
> least this it true on most Linux implementations )
> Reading one php reference it is possible to specify the 
> all trusted certificate authority certs in one file ) by setting some 
> environment variable with the full path to the file containing the 
> certs. I suppose this could be done by setting that in the 
> apache conf, 
> but I prefer the path method, and programatic control.
> The enclosed patch adds two variables, and two functions to set the 
> variables in the xmlrpc client class. The patch also 
> hopefully correctly 
> implements them where needed.
> I have successfully tested these on a Linux dstribution.
> Regards,
> Jim

More information about the phpxmlrpc mailing list