#51520 closed defect (bug) (wontfix)
Add certificates for “Staat der Nederlanden Private Root CA – G1” certificate chain
Reported by: | rockfire | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | HTTP API | Keywords: | |
Focuses: | Cc: |
Description
We are using an API which as of September 28th of this year is using the new “Staat der Nederlanden Private Root CA – G1” certificate chain (see: https://developers.kvk.nl/guides). Since these certificates aren't in the wp-includes/certificates/ca-bundle.crt a call to the API using wp_remote_get
fails. Can these certificates be added?
This issue can be tested by doing the following call:
wp_remote_get( 'https://api.kvk.nl/api/v2/testsearch/companies?kvkNumber=69599084' );
Change History (2)
Note: See
TracTickets for help on using
tickets.
Please note: the certificate chain in the example link is invalid for Mozilla (and other CA bundles)
You can see full report here: https://www.ssllabs.com/ssltest/analyze.html?d=api.kvk.nl&latest
Why should WordPress add an invalid certificate to its bundle?
You can follow that site instructions to fix this issue for you locally
You can even append certificate to your local WordPress
wp-includes/certificates/ca-bundle.crt
but you have to do this after every reinstall/core update.