verify

Summary

Describes the SSL certificate verification behavior of a request.

  • Set to true to enable SSL certificate verification and use the default CA bundle provided by operating system.
  • Set to false to disable certificate verification (this is insecure!).
  • Set to a string to provide the path to a CA bundle to enable verification using a custom certificate.

Types

  • bool
  • string

Default

true

Constant

GuzzleHttp\RequestOptions::VERIFY

  1. // Use the system's CA bundle (this is the default setting)
  2. $client->request('GET', '/', ['verify' => true]);
  3. // Use a custom SSL certificate on disk.
  4. $client->request('GET', '/', ['verify' => '/path/to/cert.pem']);
  5. // Disable validation entirely (don't do this!).
  6. $client->request('GET', '/', ['verify' => false]);

If you do not need a specific certificate bundle, then Mozilla provides a commonly used CA bundle which can be downloaded here (provided by the maintainer of cURL). Once you have a CA bundle available on disk, you can set the “openssl.cafile” PHP ini setting to point to the path to the file, allowing you to omit the “verify” request option. Much more detail on SSL certificates can be found on the cURL website.