What this config does is provides for PHP curl to verify the certificates of HTTPS servers that it connects to. Without this, it apparently just trusts anything.
We can perhaps copy the logic from https://tracker.moodle.org/browse/MDL-39356 , where Moodle recently implemented something similar. They appear to have included the cacert.pem from http://curl.haxx.se/docs/caextract.html
What this config does is provides for PHP curl to verify the certificates of HTTPS servers that it connects to. Without this, it apparently just trusts anything.
We can perhaps copy the logic from https:/ /tracker. moodle. org/browse/ MDL-39356 , where Moodle recently implemented something similar. They appear to have included the cacert.pem from http:// curl.haxx. se/docs/ caextract. html