Description: ------------ Instead of disable the security provided by SSL setting ssl_verify_peer' = false, you should take a look at http://curl.haxx.se/docs/sslcerts.html I have built my bundle cert using this http://curl.haxx.se/docs/caextract.html, and appended the https://twitter.com cert (follow point 3 of the page) to the bundle. I have tested all this and works great! The code at the test section will show it. I am attaching the full cert also. Regards, Mauro Test script: --------------- $twitter = new Services_Twitter(null, null, array('use_ssl' => true)); //$twitter->getRequest()->setAdapter('HTTP_Request2_Adapter_Curl'); $twitter->getRequest()->setConfig('ssl_verify_peer', true); $twitter->getRequest()->setConfig('ssl_verify_host', true); $twitter->getRequest()->setConfig('ssl_cafile', dirname(__FILE__). '/twitter/cacert.pem');

Well, couldn't attach the cert. But you have to download the bundle from http://curl.haxx.se/docs/caextract.html and then append the extracted cert from the site (https://twitter.com)

I understand your motive, but what you propose is way too much for a general purpose class. IMHO, the class should allow you to override use_ssl - that's all. So in the end you can fiddle with the SSL and make sure it's all verified. I wouldn't make everyone go through this. If you want to supply a patch for this, that would be great!