Disabling ssl certification check

[DylanBowden]

Hi,

According to http://mink.behat.org/#gouttedriver the client can be initiated with an array of zend_http_client options. Since I don't valid certifications on all machines, I have tried to disable certification as follows with no success:

$gouttedriver = new \Behat\Mink\Driver\GoutteDriver(
new \Behat\Mink\Driver\Goutte\Client(array(
'curloptions' => array(
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_CERTINFO => false
),
)
), array());

Is there a way of doing it that works?

[mtdowling]

Goutte is actually using Guzzle now instead of Zend's HTTP client (you could open a ticket with them update their docs too). I'm not sure how Mink is instantiating the Guzzle client used with Goutte, but if it allows you to pass an array of options to the client, then something like the following should work:

<?php
$gouttedriver = new \Behat\Mink\Driver\GoutteDriver(
    new \Behat\Mink\Driver\Goutte\Client(array(
        'curl.CURLOPT_SSL_VERIFYPEER' => false,
        'curl.CURLOPT_CERTINFO'       => false
    ))
), array());

[DylanBowden]

Thank you for the reply. Reading through the code and Guzzle docs, it seems that \Behat\Mink\Driver\Goutte\Client does not take such a config in it's construct. However, I was able to tap into another method that worked like this:

<?php
use Guzzle\Http\Client as GuzzleClient;
$client = new \Behat\Mink\Driver\Goutte\Client();
$gouttedriver = new \Behat\Mink\Driver\GoutteDriver(
    $client
);
$client->setClient(new GuzzleClient('', array(
     'curl.CURLOPT_SSL_VERIFYPEER' => false,
     'curl.CURLOPT_CERTINFO'       => false
    ))); 

[mtdowling]

Glad to see you got it working. It might be a good idea to open a ticket with Mink to see if they can update their Goutte driver to work better with Guzzle. Thanks for bringing this up.

@fabpot I think this issue can be closed.

[babaganoush]

The following solutions will work:

Disable SSL checks in Goutte

In your behat.yml file

goutte:
guzzle_parameters:
curl.options:
CURLOPT_SSL_VERIFYPEER: false
CURLOPT_CERTINFO: false
CURLOPT_TIMEOUT: 120
ssl.certificate_authority: false
If that fails try this:

setClient(new GuzzleClient('', array( 'curl.CURLOPT_SSL_VERIFYPEER' => false, 'curl.CURLOPT_CERTINFO' => false )));

[antsanchez]

I couldn't get it to work on Laraveil until I did that:
on vendor\guzzlehttp\guzzle\src\Handler\CurlFactory.php change the lines 302 -337

if (isset($options['verify'])) {
            if ($options['verify'] === false) {
                unset($conf[CURLOPT_CAINFO]);
                $conf[CURLOPT_SSL_VERIFYHOST] = 0;
                $conf[CURLOPT_SSL_VERIFYPEER] = false;
            } else {
                $conf[CURLOPT_SSL_VERIFYHOST] = 2;
                $conf[CURLOPT_SSL_VERIFYPEER] = true;
                if (is_string($options['verify'])) {
                    $conf[CURLOPT_CAINFO] = $options['verify'];
                    if (!file_exists($options['verify'])) {
                        throw new \InvalidArgumentException(
                            "SSL CA bundle not found: {$options['verify']}"
                        );
                    }
                }
            }
        }

for that

unset($conf[CURLOPT_CAINFO]);
$conf[CURLOPT_SSL_VERIFYHOST] = 0;
$conf[CURLOPT_SSL_VERIFYPEER] = false;

Somehow, the config options where not being used, so I had to do that.

[spagu]

how to enable behat.yml configs ? should I load it somehow ?

[Yuri-Failer]

@babaganoush,
Tnx, settings for behat.yml work for me.

[egulhan]

You do not need to modify core lib. file. It works if you use like the following:

require('vendor/autoload.php');
use Goutte\Client;

$client = new Client();
use GuzzleHttp\Client as GuzzleClient;

$client->setClient(new GuzzleClient(array(
    // DISABLE SSL CERTIFICATE CHECK
    'verify' => false,
)));