Small utility library that lets you find a path to the system CA bundle, and includes a fallback to the Mozilla CA bundle.
Originally written as part of composer/composer, now extracted and made available as a stand-alone library.
Install the latest version with:
$ composer require composer/ca-bundle
Composer\CaBundle\CaBundle
CaBundle::getSystemCaRootBundlePath()
: Returns the system CA bundle path, or a path to the bundled one as fallbackCaBundle::getBundledCaBundlePath()
: Returns the path to the bundled CA fileCaBundle::validateCaFile($filename)
: Validates a CA file using opensl_x509_parse only if it is safe to useCaBundle::isOpensslParseSafe()
: Test if it is safe to use the PHP function openssl_x509_parse()CaBundle::reset()
: Resets the static caches$curl = curl_init("https://example.org/");
$caPathOrFile = \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath();
if (is_dir($caPathOrFile) || (is_link($caPathOrFile) && is_dir(readlink($caPathOrFile)))) {
curl_setopt($curl, CURLOPT_CAPATH, $caPathOrFile);
} else {
curl_setopt($curl, CURLOPT_CAINFO, $caPathOrFile);
}
$result = curl_exec($curl);
$opts = array(
'http' => array(
'method' => "GET"
)
);
$caPathOrFile = \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath();
if (is_dir($caPathOrFile) || (is_link($caPathOrFile) && is_dir(readlink($caPathOrFile)))) {
$opts['ssl']['capath'] = $caPathOrFile;
} else {
$opts['ssl']['cafile'] = $caPathOrFile;
}
$context = stream_context_create($opts);
$result = file_get_contents('https://example.com', false, $context);
$client = new \GuzzleHttp\Client([
\GuzzleHttp\RequestOptions::VERIFY => \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath()
]);
composer/ca-bundle is licensed under the MIT License, see the LICENSE file for details.