Optimole requests use sslverify=false despite valid server CA

  • Resolved mirco261

    (@mirco261)


    3 months, 4 weeks ago

    Hello,

    we are seeing the following entry in WordPress logs / Query Monitor:

    Certificate verification disabled (sslverify=false) https://dashboard.optimole.com/api/optml/v2/account/details

    We have verified with our hosting provider that:

    • ca-certificates package is installed and up to date
    • OpenSSL and cURL SSL verification works correctly at system and PHP level
    • No custom filters are disabling SSL verification in WordPress

    Hosting confirmed that this behavior is not caused by missing or invalid CA certificates on the server.

    Could you please clarify:

    1. Why Optimole is setting sslverify=false for API requests?
    2. Whether this is expected behavior, a fallback, or a known issue?
    3. If there is a way to enforce SSL verification (sslverify=true) in the plugin?

    Environment:

    • WordPress 6.9
    • PHP 8.2
    • OpenSSL 3.0.13
    • Optimole plugin version: [doplníš verziu]

    Thank you.

    Best regards
    Miroslav

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support Poonam Namdev

    (@poonam9)

    3 months, 3 weeks ago

    Hi @mirco261,

    Thank you for reaching out.

    You don’t have to worry about anything, as we have disabled the SSL check to avoid issues with some hosting providers that have the SSL library misconfigured.

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.