Opened 10 years ago
Closed 10 years ago
#30667 closed enhancement (worksforme)
Allow custom certificate store for WordPress HTTP API
Reported by: | lukeschlather | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | HTTP API | Keywords: | |
Focuses: | Cc: |
Description (last modified by )
We run a multisite deployment with development/staging environments where we test updates prior to pushing them out to production. These run on HTTPS using certificates signed by our internal certificate authority.
When we attempt a network update, we receive an SSL error. Now, we presently add our certificates to WordPress' certificate store, but we prefer not to patch core every time we ingest an update.
My thinking is there should be a filter added that allows a plugin to specify a custom SSL CA store that will be automatically loaded. Does this seem reasonable?
Change History (2)
Note: See
TracTickets for help on using
tickets.
Hi lukeschlather, thanks for the report!
You should be able to do this already through the
http_request_args
filter:There's not really a way to tell if the user passed their own in, but checking if it's
=== ABSPATH . WPINC . '/certificates/ca-bundle.crt'
is pretty safe.