Learn about Centmin Mod LEMP Stack today
Register Now

Master Branch add check_php_cainfo_file function in 123.09beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Nov 2, 2021.

  1. eva2000

    eva2000 Administrator Staff Member

    53,191
    12,113
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,649
    Local Time:
    5:04 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    add check_php_cainfo_file function in 123.09beta01

    - Update download url for cacert.pem downloaded at https://curl.se/docs/caextract.html and saved at /etc/ssl/certs/cacert.pem and used for PHP CA Trust bundle via curl.cainfo PHP directive referenced in /etc/centminmod/php.d/curlcainfo.ini PHP settings file for PHP 7+ & PHP 8
    - Add check_php_cainfo_file function to inc/cpcheck.inc to run on centmin.sh runs to check if downloaded /etc/ssl/certs/cacert.pem file is older than 90 days and if older, download an updated cacert.pem file. Latest updated cacert.pem file dated September 30, 2021 has removed the Letsencrypt DST Root CA X3 expired certificate from it's bundle of trusted CAs as outlined at https://blog.centminmod.com/2021/10/02/2425/centmin-mod-managing-letsencrypt-dst-root-ca-x3-certificate-expiration-on-centos-7/
    - This check was already done whenever someone runs centmin.sh menu option 5 to upgrade or recompile PHP. This update just adds an additional check at centmin.sh menu runtime.
    - Existing users can update by running cmupdate command and then running and exiting once from centmin.sh menu

    Continue reading...


    Centmin Mod Github Master branch

    Master branch is where most recent commits are made as at May 24, 2015.