Hello. I have noticed that this library relies on an old -and abandoned- version of Guzzle as a wrapper of curl for http communication.
Guzzle has an embedded cacert.pem file that is quite old (2014) and therefore fails with the rackspace certificates.
This embedded cacert.pem seems to take precedence of any cert store (open ssl store, php cert store).
Out of the box, any communication with the rackspace servers ends with a curl error, the typical:
curl: (60) SSL certificate problem: unable to get local issuer certificate
The simplest workaround is to disable the verification in the client: $client->setDefaultOption( 'verify', false ); however it's not a good practice. The not so simple, to update the cacert.pem in the guzzle vendor folder.
I guess this problem should be solved if updating the dependence to a newer version of guzzle.
perogrullous
commented
3 years ago
Hello. I have noticed that this library relies on an old -and abandoned- version of Guzzle as a wrapper of curl for http communication. Guzzle has an embedded cacert.pem file that is quite old (2014) and therefore fails with the rackspace certificates. This embedded cacert.pem seems to take precedence of any cert store (open ssl store, php cert store).
Out of the box, any communication with the rackspace servers ends with a curl error, the typical: curl: (60) SSL certificate problem: unable to get local issuer certificate
The simplest workaround is to disable the verification in the client: $client->setDefaultOption( 'verify', false ); however it's not a good practice. The not so simple, to update the cacert.pem in the guzzle vendor folder.
I guess this problem should be solved if updating the dependence to a newer version of guzzle.