This repository has been archived by the owner on Nov 3, 2023. It is now read-only.
gracefully handle certificate error for Ext Repository #7575
Labels
Comments
|
What do you mean by "handled gracefully"? Using an insecure connection instead? |
|
Sorry for being unclear. What I expect is an actionable Error message like: The FAQ should show why such an error may be expected (no Root cert store, Root cert missing in Store, or transient error). Instead of linking to it, the help message could also be included in the error message. = |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
In #7548, @taca indicated that BSD distros and (to my knowledge) some Linux distros (like Arch) do not include a root certificate storage by default. Furthermore, the root certificate storages differ between distors and especially old LTS releases, which are still supported (e.g. older RHEL, CentOS), may not contain the StartSSL root certificate.
Independent of whether changing the issuer or not, the mandatory certificate verification may fail on some setups since at least PHP 5.6 (this also includes temporary connection errors with the certificate verification server!). Any errors concerning a failed certificate verification should be handled gracefully in the extension repository (and I assume this also applies to LiveUpdate) instead of crashing Contao.
The text was updated successfully, but these errors were encountered: