composer/ca-bundle
Small utility library that lets you find a path to the system CA bundle, and includes a fallback to the Mozilla CA bundle.
Originally written as part of composer/composer, now extracted and made available as a stand-alone library.
Installation
Install the latest version with:
$ composer require composer/ca-bundle
Requirements
- PHP 5.3.2 is required but using the latest version of PHP is highly recommended.
Basic usage
Composer\CaBundle\CaBundle
- CaBundle::getSystemCaRootBundlePath(): Returns the system CA bundle path, or a path to the bundled one as fallback
- CaBundle::getBundledCaBundlePath(): Returns the path to the bundled CA file
- CaBundle::validateCaFile($filename): Validates a CA file using opensl_x509_parse only if it is safe to use
- CaBundle::isOpensslParseSafe(): Test if it is safe to use the PHP function openssl_x509_parse()
- CaBundle::reset(): Resets the static caches
To use with curl
$curl = curl_init("https://example.org/");
curl_setopt($curl, CURLOPT_CAINFO, \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath());
$result = curl_exec($curl);
To use with php streams
$opts = array(
    'http' => array(
        'method' => "GET"
    )
);
$caPath = \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath();
if (is_dir($caPath)) {
    $opts['ssl']['capath'] = $caPath;
} else {
    $opts['ssl']['cafile'] = $caPath;
}
$context = stream_context_create($opts);
$result = file_get_contents('https://example.com', false, $context);
License
composer/ca-bundle is licensed under the MIT License, see the LICENSE file for details.
