[wp-trac] [WordPress Trac] #25007: WP_HTTP_Fsockopen does not verify SSL certificates

WordPress Trac noreply at wordpress.org
Tue Sep 17 04:17:28 UTC 2013

#25007: WP_HTTP_Fsockopen does not verify SSL certificates
 Reporter:  rmccue            |       Owner:
     Type:  defect (bug)      |      Status:  new
 Priority:  normal            |   Milestone:  3.7
Component:  HTTP              |     Version:
 Severity:  major             |  Resolution:
 Keywords:  needs-unit-tests  |

Comment (by dd32):

 @pavelevap Can you do some debugging to try to narrow down the issue at

 * Does the file exist in wp-includes?
 * Are the permissions on the file open enough to allow the file to be
 read? (What does `var_dump( is_readable( ABSPATH . WPINC . '/certificates
 /ca-bundle.crt' ) );` return?)
 * Do you have any anti-virus running on that PC, is it locking the file?
 * Are you using cURL or Streams for outgoing connections? (You can install
 my Core Control plugin and use it's 'HTTP Access' module to find out)


 Separate from the above - What should we do when the sslcertificate passed
 in isn't readable?
  * sslcertificate => false|null|true|anything not a file
  * sslcertificate => file that's not readable

 1. `if ( sslcertificate && ! is_readable( sslcertificate ) return new
 WP_ERROR( "Unreadable certificate" );`
 1. `if ( ! sslcertificate || ! is_readable( sslcertificate ) )
 sslcertificate = core certificate`
 1. `if ( ! sslcertificate ) Do not specify CA path/file in Streams/cURL

 !#1 and !#3 go together well, !#2 seems like it'd be not-advised.

Ticket URL: <http://core.trac.wordpress.org/ticket/25007#comment:36>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list