The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

curl can't find ca-bundle on centos7

Discussion in 'CloudLinux' started by uadm, Aug 6, 2015.

  1. uadm

    uadm Well-Known Member

    Joined:
    May 19, 2003
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    156
    The problem is this:

    We run a page that sends curl request to a remote https server. This failed since we moved the account to a new centos7 server.

    It seems on centos7 /etc/pki/tls/certs/ca-bundle.crt is linked to /etc/pki/ca-trust/extracted/openssl/ca-bundle.crt which is not available to cagefs users.

    We tried to add /etc/pki to /etc/cagefs/cagefs.mp and run cagefsctl --remount-all
    but this doesn't help while /etc/pki/ca-trust is still not available to cagefs users.

    We also tried to delete the /etc/pki/tls/certs/ca-bundle.crt link and put there a real file, however to cagefs users it's still being shown as a link.

    finnaly we solved it with moving the bundle to the account directory and setting curl.cainfo="ca-bundle.crt" in it's php.ini.


    However we want to solve this server wide.

    Please advise.
     
    #1 uadm, Aug 6, 2015
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you verify if this account is assigned jailed shell access?

    Thank you.
     
    #2 cPanelMichael, Aug 24, 2015
  3. uadm

    uadm Well-Known Member

    Joined:
    May 19, 2003
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    156
    This account has noshell.
    It's not the shell it has or hasn't, when we disable cagefs for the account it can access the ca-bundle.
     
    #3 uadm, Aug 24, 2015
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    A resolution for this is scheduled for the next update from Cloud Linux. In the meantime, try running the following commands to address the issue:

    Code:
    cagefsctl --addrpm ca-certificates
cagefsctl --force-update
    Thank you.
     
    #4 cPanelMichael, Sep 4, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - curl can't find
  1. adamreece.webbox

    CloudLinux PHP cURL Issue

    adamreece.webbox, Jul 7, 2017, in forum: EasyApache
    Replies:
    15
    Views:
    471
    cPanelMichael
    Jul 14, 2017
  2. pronesco

    Error: cURL error 77: Problem with the SSL CA cert (path? access rights?)

    pronesco, Jun 13, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    205
    cPanelMichael
    Jun 14, 2017
  3. fiberit

    cURL Failing After recent EA4 update

    fiberit, Apr 19, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    352
    cPanelMichael
    Apr 19, 2017
  4. Dinis Sousa

    being able to use curlftpfs

    Dinis Sousa, Apr 14, 2017, in forum: Data Protection
    Replies:
    1
    Views:
    158
    cPanelMichael
    Apr 14, 2017
  5. shahram mohseni

    Curl login security token invalid

    shahram mohseni, Mar 7, 2017, in forum: cPanel Developers
    Replies:
    7
    Views:
    536
    cPanelMichael
    Mar 13, 2017

Share This Page