5

We run Zend Server 7 with PHP on a V7R1 IBM i. We use the cURL PHP extension to call SSL-secured web services. We need to specify a CA cert bundle so cURL can verify the web service cert.

Ideally, we would like some way to use the SYSTEM certificate store for this so we only need to manage certificates in one place since we also make SSL-secured web service calls from RPG.

System details:

IBM i: V7R1

PHP: 5.4.29

cURL: 7.21.0 with OpenSSL/0.9.8y

Community
  • 1
  • 1
Joel Anair
  • 13,832
  • 3
  • 31
  • 36
  • as a suggestion I recommend you to find if it possible to integrate libcurl (or cURL) with the cert storage (ignoring PHP). If there's a way, you can implement it with PHP configuration (if required configuration allowed in PHP) or using your custom console curl handler. – Electronick Apr 20 '15 at 12:19

1 Answers1

1

It is only possible to do so if you know where the system CA cert store is, and it is stored in PEM files in the way OpenSSL wants them. Then you point out that file/dir with the normal curl options for that purpose.

On most non-linux systems, this is not possible.

Daniel Stenberg
  • 54,736
  • 17
  • 146
  • 222