|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #69035 curl error setting CURLOPT_CAINFO .crt file inside PHAR
Submitted: 2015-02-12 07:44 UTC Modified: 2015-02-12 08:01 UTC
From: sebastian at phpbu dot de Assigned:
Status: Not a bug Package: cURL related
PHP Version: 5.6.5 OS: Linux (Debian Wheezy)
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: sebastian at phpbu dot de
New email:
PHP Version: OS:


 [2015-02-12 07:44 UTC] sebastian at phpbu dot de
The Error occures if you create a PHAR with a .crt file in it.

Setting the CURLOPT_CAINFO option and linking a .crt file within the phar
leads to an error like this

Curl failed to exec error setting certificate verify locations:
  CAfile: phar:///tmp/my.phar/demo/ca.crt
  CApath: /etc/ssl/certs
in phar:///tmp/my.phar/demo/example.php:9

Setting CURLOPT_CAPATH to __DIR__ doesn't help either.

Dumping the .crt file to stdOut works in phar mode so the file is there.
Not compiled to phar the code works fine.

PHP 5.6.5
curl 7.26.0 (x86_64-pc-linux-gnu) libcurl/7.26.0 OpenSSL/1.0.1e zlib/1.2.7 libidn/1.25 libssh2/1.4.2 librtmp/2.3

Test script:
// curl setup
$handle = curl_init();
$caFile = __DIR__ . '/ca.crt';

// check for crt file just to make sure its in the phar
if (!is_file($caFile)) {
    throw new Exception("Failed to load ca certificate");
curl_setopt($handle, CURLOPT_CAINFO, $caFile);

// optionaly use this as well
//curl_setopt($handle, CURLOPT_CAPATH, __DIR__);

// make phar file containing this and a .crt file
// contents of .crt doesn't matter for demonstration

Expected result:
In a PHAR I want to link curl to .crt files i provide within the phar.

Actual result:
Curl can't access the .crt file within the phar

Curl failed to exec error setting certificate verify locations:
  CAfile: phar:///tmp/my.phar/demo/ca.crt


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2015-02-12 08:01 UTC]
-Status: Open +Status: Not a bug
 [2015-02-12 08:01 UTC]
cURL is a third-party library. It doesn't know about things like phars, and unfortunately there's no way to pass it the certificate as a string.
However you can dump the contents of the cert to a temp file, run your cURL operations, then delete the file.
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Tue Mar 09 04:01:24 2021 UTC