Hi,
We had a problem related to this in our hosted WP sites. The PHPMailer plugin showed SSL errors and I solved the problem modifying the netutils jail. Let’s explain what I did (It was an AlmaLinux 9, so the paths may be different in other OS).
To ensure SSL works correctly with PHP, we need to add the file containing the certification entities to the jail and modify the PHP-FPM pool to include this path. We edit /etc/jailkit/jk_init.ini and in the [netutils] section, we add the line:
regularfiles= /etc/ssl/certs/ca-bundle.trust.crt, /etc/pki/tls/certs/ca-bundle.crt
It would look as follows:
[netutils]
comment=several internet utilities like wget, ftp, rsync, scp, ssh
paths=wget, curl, lynx, ftp, host, rsync, smbclient
regularfiles= /etc/ssl/certs/ca-bundle.trust.crt, /etc/pki/tls/certs/ca-bundle.crt
includesections=netbasics, ssh, sftp, scp
Next, we edit the configuration of the php-fpm pool to include the path by adding the following line:
php_value[openssl.cafile] = /etc/pki/tls/certs/ca-bundle.crt
You then need to reapply the chroot jail to the website.
If we want this configuration to be added by default when creating a new server, then we should include it in the default template. So we edit System Settings > Server Templates > Default Settings > PHP options and in the “Additional FPM pool options” section, we add the line:
php_value[openssl.cafile] = /etc/pki/tls/certs/ca-bundle.crt