Runtime Configuration
The behaviour of these functions is affected by settings in php.ini.
openssl Configure Options
| Name |
Default |
Changeable |
Changelog |
| openssl.cafile |
"" |
INI_PERDIR |
|
| openssl.capath |
"" |
INI_PERDIR |
|
| openssl.libctx |
"custom" |
INI_PERDIR |
|
For further details and definitions of the
INI_* modes, see the
Where a configuration setting may be set.
Here's a short explanation of
the configuration directives.
-
openssl.cafile
string
-
Location of Certificate Authority file on local filesystem which should
be used with the verify_peer context option to authenticate the
identity of the remote peer.
-
openssl.capath
string
-
If cafile is not specified or if the certificate is not found there, the
directory pointed to by capath is searched for a suitable certificate.
capath must be a correctly hashed certificate directory.
-
openssl.libctx
string
-
Specifies the type of OpenSSL library context to use.
The default value,
custom, creates a separate
library context for each worker or thread.
This improves isolation from other libraries using OpenSSL and,
in ZTS builds, increases separation between threads.
It is also possible to use the default value, which
causes PHP to use OpenSSL's global default library context.
See also the SSL stream context options.