remote
Overrides the defaults for requests to remote servers
This option defines global default values for all requests that are made with the Kirby\Toolkit\Remote class.
Example
return [
'remote' => [
'agent' => 'My Awesome Site',
'timeout' => 20
]
];Configuring the list of allowed certificate authorities (CAs) for HTTPS requests
The security of remote requests to HTTPS URLs relies on the validity of the certificate chain. A well-known certificate authority must have signed the server certificate so that you and Kirby can be sure that the HTTPS connection is secure and was not tampered with. The allowed certificate authorities are listed in a so-called CA bundle.
Kirby ships with a CA bundle based on the Mozilla CA list. We keep that CA bundle up-to-date with new Kirby releases.
If you want to use a different CA bundle or disable verification completely (not recommended!), you can set the remote.ca option:
<?php
return [
'remote' => [
'ca' => ...
]
];Options are:
- An absolute path to a CA file in
.pemformat - An absolute path to a CA directory with certificate files that cURL can understand
- The special value
Remote::CA_INTERNALfor Kirby's internal CA (default) - The special value
Remote::CA_SYSTEMto use the CA bundle that is configured inphp.inior that was defined when PHP was compiled falseto disable TLS verification completely (not recommended!)
We recommend to use the CA bundle of your server operating system. This file is generally updated from system packages and therefore the most up-to-date list you can have.
If a CA bundle is configured in php.ini in the curl.cainfo option, Kirby will use this bundle by default by switching to the default value Remote::CA_SYSTEM. You can still override this default with the remote.ca option as explained above.