composer/ca-bundle

Lets you find a path to the system CA bundle, and includes a fallback to the Mozilla CA bundle.

1.0.8 2017-09-11 07:24 UTC

README

Small utility library that lets you find a path to the system CA bundle, and includes a fallback to the Mozilla CA bundle.

Originally written as part of composer/composer, now extracted and made available as a stand-alone library.

Installation

Install the latest version with:

$ composer require composer/ca-bundle

Requirements

  • PHP 5.3.2 is required but using the latest version of PHP is highly recommended.

Basic usage

Composer\CaBundle\CaBundle

  • CaBundle::getSystemCaRootBundlePath(): Returns the system CA bundle path, or a path to the bundled one as fallback
  • CaBundle::getBundledCaBundlePath(): Returns the path to the bundled CA file
  • CaBundle::validateCaFile($filename): Validates a CA file using opensl_x509_parse only if it is safe to use
  • CaBundle::isOpensslParseSafe(): Test if it is safe to use the PHP function openssl_x509_parse()
  • CaBundle::reset(): Resets the static caches

To use with curl

$curl = curl_init("https://example.org/");

$caPathOrFile = \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath();
if (is_dir($caPathOrFile) || (is_link($caPathOrFile) && is_dir(readlink($caPathOrFile)))) {
    curl_setopt($curl, CURLOPT_CAPATH, $caPathOrFile);
} else {
    curl_setopt($curl, CURLOPT_CAINFO, $caPathOrFile);
}

$result = curl_exec($curl);

To use with php streams

$opts = array(
    'http' => array(
        'method' => "GET"
    )
);

$caPathOrFile = \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath();
if (is_dir($caPathOrFile) || (is_link($caPathOrFile) && is_dir(readlink($caPathOrFile)))) {
    $opts['ssl']['capath'] = $caPathOrFile;
} else {
    $opts['ssl']['cafile'] = $caPathOrFile;
}

$context = stream_context_create($opts);
$result = file_get_contents('https://example.com', false, $context);

License

composer/ca-bundle is licensed under the MIT License, see the LICENSE file for details.