Skip to main content

PHP + cURL + SSL query

Comments

3 comments

  • cPanelMichael
    Hello :) Yes, it's acceptable to use the /etc/pki/tls/certs/ca-bundle.crt file for cURL. cURL should use this file by default, but you can verify this by running a test cURL command with the verbose flag on your server. EX:
    curl -v 'https://test.domain.tld/index.php' > test.index.html
    Could you elaborate more on the question about the update of this file from cPanel? What's the behavior you are expecting? Thank you.
    0
  • imcjd
    Hi Michael, Thanks for the response. I just wondered if cPanel ever takes responsibility for updating the ca-bundle.crt file or it's left to the OS? As I understand it, the root certificates referenced in that file get updated semi-regularly thus the file needs to be kept up-to-date?
    0
  • cPanelMichael
    Hello :) The file you are referring to is controlled and updated by your operating system. For example, here's the output that shows which package is associated with the file:
    # rpm -qf /etc/pki/tls/certs/ca-bundle.crt ca-certificates-2015.2.6-70.1.el7_2.noarch
    As far as automatically populating the CABundle field when installing a SSL certificate through cPanel/WHM, that's handled through an external cPanel repository. Thank you.
    0

Please sign in to leave a comment.