Thumbnail
HTTPS Client Certificate validation

Developed by

Intermediate
Intermediate

When an HTTPS connection is initialized, an HTTP client needs to check if the server certificate used to encrypt the connection is valid. This is done by verifying if that certificate has been issued by a reliable Certification Authority (CA).

The concrete5 HTTP client may use the PHP cURL extension or low-level socket connections.

Usually, the cURL extension is able to determine the list of these reliable Certification Authorities by reading some system files on Posix systems (such as Mac OS X and Linux).

Problems arise in case of Windows systems and/or socket connections: in this case we need to tell the HTTP client what are the reliable Certification Authorities.

This package downloads the list of reliable Certification Authorities used by Mozilla Firefox (more info here), and configures the concrete5 HTTP client to use it.

Since the list of reliable CA may change, you may need to update this list every now and then. This package will install an Automated Job and a console command (you can use): you should schedule one of them (the one you prefer), so that your concrete5 installation will always use up-to-date data.

 
Current Version: 0.9.0
Fully Translatable: Yes
Needs External Libraries: No
Compatible 8.2.0+
License: MIT
Support Response: Replies to tickets every few days.
Support Hosted: On concrete5.org
Needs extra server permissions: No
Needs Internet: No
Marketplace Tests:
Passed Automated Tests
Passed PRB Review