The Publisher class does not work with a self-signed certificate

Question

The Publisher class does not work with a self-signed certificate

jevillard opened this issue 5 years ago · 3 comments

Hello,

For one of my projects, I installed Mercure in HTTPS mode and so in locally my Mercure hub is accessible via a self signed certificate.
Except that the publish function does not take into account this case.
The function could look like this:

$result = @file_get_contents($this->hubUrl, false, stream_context_create(
    [
        'http' => [
            'method' => 'POST',
            'header' => "Content-type: application/x-www-form-urlencoded\r\nAuthorization: Bearer $jwt",
            'content' => $postData,
        ],
       'ssl' => [
           'verify_peer' => false,
           'verify_peer_name'=> false,
           'allow_self_signed' => true
        ]
    ]
));

Providing a configuration in the Mercury bundle can be a good idea too.
If this issue seems relevant, I want to try to contribute for the first time to Symfony :)

Answer 1 · 2019-04-25T14:02:53.000Z

We plan to remove the fopen calls and use HttpClient instead. It has support for self-signed certificates and many more.

Would you like to work on this? :)

Answer 2 · 2019-04-25T14:26:15.000Z

Yes, use HttpClient is a good idea ! I did not originally offer it because I thought you did not want dependencies on this package, and that's why you chose to use fopen calls.

Yes I want to work on the subject :)
If you more detail about what you expect, I'm interested, but I can very well start without ;)

Answer 3 · 2019-05-01T09:23:29.000Z

I'm going on holidays friday until May 20, so I'm trying to push a first version of PR in the first half of June ;)