Summary

Describes the SSL certificate verification behavior of a request.

- Set to to enable SSL certificate verification and use the defaultCA bundle provided by operating system.
- Set to false to disable certificate verification (this is insecure!).
- Set to a string to provide the path to a CA bundle to enable verificationusing a custom certificate.

Types

- bool
- string

Default

true

Constant

GuzzleHttp\RequestOptions::VERIFY

• Check if openssl.cafile is set in your php.ini file.
• Check if curl.cainfo is set in your php.ini file.
• Check if exists (Ubuntu, Debian;provided by the ca-certificates package)
• Check if /usr/local/share/certs/ca-root-nss.crt exists (FreeBSD;provided by the ca_root_nss package)
• Check if C:\windows\system32\curl-ca-bundle.crt exists (Windows)
• Check if exists (Windows)
  The result of this lookup is cached in memory so that subsequent callsin the same process will return very quickly. However, when sending onlya single request per-process in something like Apache, you should considersetting the openssl.cafile environment variable to the path on diskto the file so that this entire process is skipped.

If you do not need a specific certificate bundle, then Mozilla provides acommonly used CA bundle which can be downloaded(provided by the maintainer of cURL). Once you have a CA bundle available ondisk, you can set the "openssl.cafile" PHP ini setting to point to the path tothe file, allowing you to omit the "verify" request option. Much more detail onSSL certificates can be found on thecURL website.