Related to my previous post about Laravel. Guzzle and Nginx I ran into an issue with our proxy. The proxy is always a source of fun and games.
Because the proxy breaks open SSL traffic to scan the content the clients are required to have an SSL certificate installed that tells them to trust our proxy server certificate. In Windows and Linux you can insert the CA cert into the OS using group policy or writing it into the certificate store.
Curl uses it’s own certificate store so we needed to copy the proxy CA cert into the curl store.
On Windows there wasn’t a certificate store. I created one in a location that would remain even if anything was updated or moved.
cacert.pem file and place it in
c:\certs. Then I just added my proxy cert in PEM on the end.
C:> type proxy.pem >> c:\certs\cacert.pem
php.ini and change the curl setting to point at the new
[curl] curl.cainfo = c:/certs/cacert.pem
You can find what php.ini you are using with:
C:> php --ini Configuration File (php.ini) Path: C:\windows Loaded Configuration File: C:\tools\php73\php.ini Scan for additional .ini files in: (none) Additional .ini files parsed: (none)
Restart any php service, like Apache, Nginx, Artisan, etc. and curl should then trust the proxy server.