Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/pronamic/wp-http-extended-ssl-support

This library extends the WordPress HTTP API with additional SSL options. It provides the option to pass the cURL options CURLOPT_SSLCERT, CURLOPT_SSLKEY and CURLOPT_SSLKEYPASSWD to requests.
https://github.com/pronamic/wp-http-extended-ssl-support

curl http pronamic ssl ssl-certificates tls tls-certificate wordpress wordpress-api wordpress-hooks wordpress-http-api wordpress-https wordpress-plugin

Last synced: 2 days ago
JSON representation

This library extends the WordPress HTTP API with additional SSL options. It provides the option to pass the cURL options CURLOPT_SSLCERT, CURLOPT_SSLKEY and CURLOPT_SSLKEYPASSWD to requests.

Host: GitHub
URL: https://github.com/pronamic/wp-http-extended-ssl-support
Owner: pronamic
License: gpl-2.0
Created: 2024-06-11T10:32:16.000Z (4 months ago)
Default Branch: main
Last Pushed: 2024-09-09T13:59:36.000Z (18 days ago)
Last Synced: 2024-09-21T01:33:17.862Z (6 days ago)
Topics: curl, http, pronamic, ssl, ssl-certificates, tls, tls-certificate, wordpress, wordpress-api, wordpress-hooks, wordpress-http-api, wordpress-https, wordpress-plugin
Language: PHP
Homepage:
Size: 24.4 KB
Stars: 1
Watchers: 4
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # Additional SSL Options for WordPress HTTP API

This library extends the WordPress HTTP API with additional SSL options. It provides the option to pass the cURL options `CURLOPT_SSLCERT`, `CURLOPT_SSLKEY` and `CURLOPT_SSLKEYPASSWD` to requests.

## Usage

```php

\wp_remote_get(

	$url,

	[

		'ssl_certificate'  => \ABSPATH . '/../private/your-certificate.pem',

		'ssl_key'          => \ABSPATH . '/../private/your-key.pem',

		'ssl_key_password' => 'your-password', 

	]

);

```

```php

\wp_remote_get(

	$url,

	[

		'ssl_certificate_blob' => '-----BEGIN CERTIFICATE-----', // Must be a full SSL certificate string.

		'ssl_key_blob'         => '-----BEGIN ENCRYPTED PRIVATE KEY-----', // Must be a full SSL key string.

		'ssl_key_password'     => 'your-password', 

	]

);

```

## TLS backends and cURL

It is good to realize that PHP and cURL can work with different TLS backends. Not all TLS backends have support for all cURL SSL options. An overview of all cURL options and their support in the various TLS backends can be found at https://curl.se/libcurl/c/tls-options.html, below a part of this table from June 11, 2024:

> libcurl can use different TLS backends, selected at both build-time and run-time. This table shows all TLS related options and details the set of TLS backends that work with it.

> 

> The **OpenSSL** column also covers BoringSSL, libressl, quictls, AWS-LC and AmiSSL.

> 

> option | BearSSL | GnuTLS | mbedTLS | OpenSSL | rustls | Schannel | Secure Transport | wolfSSL

> -- | -- | -- | -- | -- | -- | -- | -- | --

> `CURLOPT_KEYPASSWD` |   |   | ✔ | ✔ |   | ✔ |   | ✔

> `CURLOPT_SSLCERT` |   | ✔ | ✔ | ✔ |   | ✔ | ✔ | ✔

> `CURLOPT_SSLCERTTYPE` |   | ✔ | ✔ | ✔ |   | ✔ | ✔ | ✔

> `CURLOPT_SSLCERT_BLOB` |   |   | ✔ | ✔ |   | ✔ | ✔ |  

> `CURLOPT_SSLENGINE` |   |   |   | ✔ |   |   |   |  

> `CURLOPT_SSLENGINE_DEFAULT` |   |   |   | ✔ |   |   |   |  

> `CURLOPT_SSLKEY` |   |   | ✔ | ✔ |   | ✔ |   | ✔

> `CURLOPT_SSLKEYTYPE` | ✔ |   |   | ✔ |   |   |   | ✔

> `CURLOPT_SSLKEY_BLOB` |   |   |   | ✔ |   |   |   |  

> `CURLOPT_SSLVERSION`  | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔

## Links

- https://github.com/WordPress/Requests/issues/377

- https://core.trac.wordpress.org/ticket/34883

- https://curl.se/libcurl/c/tls-options.html