Configure HTTPS and TLS settings in the SDK

Updated at:
Copy as MD

The Alibaba Cloud SDK V2.0 for PHP uses HTTPS for all API requests and validates TLS certificates by default. You can customize these settings for specific compliance requirements or isolated test environments.

Client-level configuration (Config object)

Configure the protocol when you initialize the SDK client. These settings apply to all requests made by that client instance.

Set the request protocol

The SDK sends all requests over HTTPS by default. You can override this for legacy endpoints that only support HTTP, but we strongly recommend HTTPS to protect your data in transit.

Important

Using HTTP sends your request data, including credentials, in clear text. Only use HTTP in trusted, isolated environments.

use Darabonba\OpenApi\Models\Config;

$config = new Config([
// This example overrides the secure default to use HTTP.
    'protocol' => 'HTTP', 
]);

Request-level configuration (RuntimeOptions object)

Pass a RuntimeOptions object to configure settings for a single API call, such as temporarily disabling certificate validation during testing.

Disable TLS certificate validation

The SDK validates TLS certificates for all HTTPS requests by default. In non-production or test environments, such as when using a proxy with a self-signed certificate, you may need to temporarily disable this validation.

Important

Disabling certificate validation is a security risk. Only use this option for testing in trusted environments. Never disable certificate validation in production code.

use AlibabaCloud\Tea\Utils\Utils\RuntimeOptions;

$runtimeOptions = new RuntimeOptions();
# This option skips certificate validation for a single API call.
$runtimeOptions->ignoreSSL = true;