Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 2.5.1

Bug #18443 Curl Adaptor ignores SSL settings on redirects
Submitted: 2011-04-14 05:32 UTC
From: nateweiner Assigned: avb
Status: Closed Package: HTTP_Request2 (version 2.0.0beta3)
PHP Version: 5.3.6 OS:
Roadmaps: (Not assigned)    
Comments Add Comment Add patch

Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know! Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem : 29 - 13 = ?

 [2011-04-14 05:32 UTC] nateweiner (Nate Wweiner)
Description: ------------ If setting ssl_verify_peer or ssl_verify_host, the Curl Adaptor will ignore these settings for redirects if the origin url was not https. For example: Starting with: Which resolves to: The redirected url gives the standard curl error when ssl ca's are not configured: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Line 343 of Curl.php shows: if (0 == strcasecmp($this->request->getUrl()->getScheme(), 'https')) { This seems to only set the ssl options if the request url is https.


 [2011-04-14 05:34 UTC] nateweiner (Nate Wweiner)
Should note that if you start with the resolved https nytimes link it works.
 [2011-05-06 12:33 UTC] avb (Alexey Borzov)
-Status: Open +Status: Closed -Assigned To: +Assigned To: avb
This bug has been fixed in SVN. If this was a documentation problem, the fix will appear on by the end of next Sunday (CET). If this was a problem with the website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better.