Replace cafile.pem with composer/ca-bundle

composer.json

@@ -33,6 +33,7 @@
         "ext-mbstring": "*",
         "cakephp/chronos": "^1.0.1",
         "aura/intl": "^3.0.0",
+        "composer/ca-bundle": "^1.0",
         "psr/log": "^1.0.0",
         "psr/simple-cache": "^1.0.0",
         "zendframework/zend-diactoros": "^1.8",

src/Http/Client/Adapter/Curl.php

@@ -18,6 +18,7 @@ use Cake\Http\Client\AdapterInterface;
 use Cake\Http\Client\Request;
 use Cake\Http\Client\Response;
 use Cake\Http\Exception\HttpException;
+use Composer\CaBundle\CaBundle;
 
 /**
  * Implements sending Cake\Http\Client\Request via ext/curl.
@@ -100,7 +101,7 @@ class Curl implements AdapterInterface
         }
 
         if (empty($options['ssl_cafile'])) {
-            $options['ssl_cafile'] = CORE_PATH . 'config' . DIRECTORY_SEPARATOR . 'cacert.pem';
+            $options['ssl_cafile'] = CaBundle::getBundledCaBundlePath();
         }
         if (!empty($options['ssl_verify_host'])) {
             // Value of 1 or true is deprecated. Only 2 or 0 should be used now.

src/Http/Client/Adapter/Stream.php

@@ -19,6 +19,7 @@ use Cake\Http\Client\AdapterInterface;
 use Cake\Http\Client\Request;
 use Cake\Http\Client\Response;
 use Cake\Http\Exception\HttpException;
+use Composer\CaBundle\CaBundle;
 
 /**
  * Implements sending Cake\Http\Client\Request
@@ -216,7 +217,7 @@ class Stream implements AdapterInterface
             'ssl_passphrase',
         ];
         if (empty($options['ssl_cafile'])) {
-            $options['ssl_cafile'] = CORE_PATH . 'config' . DIRECTORY_SEPARATOR . 'cacert.pem';
+            $options['ssl_cafile'] = CaBundle::getBundledCaBundlePath();
         }
         if (!empty($options['ssl_verify_host'])) {
             $url = $request->getUri();

src/Network/Socket.php

@@ -18,6 +18,7 @@ namespace Cake\Network;
 use Cake\Core\InstanceConfigTrait;
 use Cake\Network\Exception\SocketException;
 use Cake\Validation\Validation;
+use Composer\CaBundle\CaBundle;
 use Exception;
 use InvalidArgumentException;
 
@@ -207,9 +208,7 @@ class Socket
             $this->_config['context']['ssl']['peer_name'] = $host;
         }
         if (empty($this->_config['context']['ssl']['cafile'])) {
-            $dir = dirname(dirname(__DIR__));
-            $this->_config['context']['ssl']['cafile'] = $dir . DIRECTORY_SEPARATOR .
-                'config' . DIRECTORY_SEPARATOR . 'cacert.pem';
+            $this->_config['context']['ssl']['cafile'] = CaBundle::getBundledCaBundlePath();
         }
         if (!empty($this->_config['context']['ssl']['verify_host'])) {
             $this->_config['context']['ssl']['CN_match'] = $host;

tests/TestCase/Filesystem/FolderTest.php

@@ -739,7 +739,7 @@ class FolderTest extends TestCase
         $this->assertSame(array_diff($expected, $result), []);
 
         $result = $Folder->find('.*', true);
-        $expected = ['bootstrap.php', 'cacert.pem', 'config.php'];
+        $expected = ['bootstrap.php', 'config.php'];
         $this->assertSame($expected, $result);
 
         $result = $Folder->find('.*\.php');

tests/TestCase/Http/Client/Adapter/CurlTest.php

@@ -18,6 +18,7 @@ use Cake\Http\Client\Adapter\Curl;
 use Cake\Http\Client\Request;
 use Cake\Http\Client\Response;
 use Cake\TestSuite\TestCase;
+use Composer\CaBundle\CaBundle;
 
 /**
  * HTTP curl adapter test.
@@ -30,7 +31,7 @@ class CurlTest extends TestCase
         $this->skipIf(!function_exists('curl_init'), 'Skipping as ext/curl is not installed.');
 
         $this->curl = new Curl();
-        $this->caFile = CORE_PATH . 'config' . DIRECTORY_SEPARATOR . 'cacert.pem';
+        $this->caFile = CaBundle::getBundledCaBundlePath();
     }
 
     /**