When using functions like wp_remote_get to connect to a third party site, it would be great if we could somehow specify the TLS version to be used.
In older versions of wordpress, it was possible to do this using the ‘http_api_curl’ action hook and calling curl_setopt on the handle. But as far as I can tell this is no longer possible because WP_Http_Curl has been superseded by Requests_Transport_cURL and related classes.
The new system uses local hooks rather than global ones ($options->hooks->register() ) and I can’t see any way of adding methods to these hooks apart from directly modifying WP_Http->request() or Requests_Transport_cURL->setup_handle().
The use-case I have is a server with Centos 6.6, libcurl v7.19.7, openssl 1.0.1e. It’s capable of using TLS 1.2, but by default it will use TLS1.0 unless specified with curl_setopt($handle, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2)
Various webservices (eg Stripe) are restricting connections to TLS1.2 only, so the ability to force a TLS1.2 transaction in an environment where it is not the default method would be invaluable.
- You must be logged in to reply to this topic.