Set up cURL¶
cURL (short for Client URL) is a library and command-line tool for transferring data using various network protocols. You should already have it installed as a dependency of PHP cURL extension, and this page only documents how to configure your certificates so that cURL can find and use them.
If using macOS, add the root certificate to the OpenSSL certificate bundle¶
Since curl
on macOS will not check System Keychain to validate the
certificate, you will need to add it to the openssl
RCA certificates
bundle. First, check where is the correct location of the bundle with:
php -r "print_r(openssl_get_cert_locations());"
You should receive an output similar to:
Array
(
[default_cert_file] => /opt/local/etc/openssl/cert.pem
[default_cert_file_env] => SSL_CERT_FILE
[default_cert_dir] => /opt/local/etc/openssl/certs
[default_cert_dir_env] => SSL_CERT_DIR
[default_private_dir] => /opt/local/etc/openssl/private
[default_default_cert_area] => /opt/local/etc/openssl
[ini_cafile] =>
[ini_capath] =>
)
The value of default_cert_file
key from above is the location of the
bundle where the RCA certificates are stored. Add your own RCA
certificate to the bundle with:
sudo bash -c "cat ~/ssl/root.crt >> /opt/local/etc/openssl/cert.pem"
With this, you should be able to use curl
from the command line to
access your local installation over HTTPS. Provided you have installed
the websites in the NGINX step, check that everything is correct with:
curl --head https://phpinfo.php74
Make sure that scheme part of the URL from the command above is
https
. You should receive an output like below:
HTTP/1.1 200 OK
Server: nginx/1.19.8
Date: Wed, 31 Mar 2021 08:31:24 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/7.4.16