New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deleting all SSL root certificates breaks curl requests #15710
Comments
Probably a "somewhat" regression. Stable releases actually don't do SSL really properly wrt to this storage etc. Will fix this for 8.1 |
@LukasReschke What is the status here? 8.1 is here very soon :-) |
On current master:
@oparoz May I ask you to recheck this and if this still fails for you give me some guidance on what we did different? 😄 |
@LukasReschke - I'll give it another go later, but when you say that |
The content from ca-bundle.crt in the config folder. |
Ah, yeah, but that's a recently introduced feature if I'm not mistaken, so that should work now. |
OK, I can't even install the certificate and will file a separate bug first... |
As an admin, rootcerts.crt is now populated with the bundle, so there is hope :) |
With #16289, I was able to install and remove certs as a user and the |
Great. Thanks for confirmation 💃 Though this is still completely broken in any other version than master but that is nothing we can backport. 🙈 |
Yeah, it's a shame because that means people will have to wait for all their contacts to upgrade to 8.1 before being able to securely share files, but that should only take a few months. |
Env
Master, PHP 5.5
Steps to reproduce
As a non-admin user
Expected behaviour
Files should be able to connect to all the remote folders
Actual behaviour
Instead, this is what is shown in the browser logs
"Sabre\DAV\Exception: [CURL] Error while making request: error setting certificate verify locations: CAfile: /www/data/demo1/files_external/rootcerts.crt CApath: none (error code: 77)"
That
rootcerts.crt
file weighs 0 bytes. Deleting it solves the problem.Not sure if it's a regression or if it's always been like this.
The text was updated successfully, but these errors were encountered: