We run an apache2 server and want to use google recaptcha due to high volume of bots on our newsletter.
Therefore I implemented some lines of developers php-code which in general should work ... but not on my server.
I investigated further and found that the function file_get_contents() ends with an SSL error.
file_get_contents(self::SITE_VERIFY_URL, false, $context)
Below you can find an extract from the servers log file.
PHP Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
PHP Warning: file_get_contents(): Failed to enable crypto in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
PHP Warning: file_get_contents(https://www.google.com/recaptcha/api/siteverify): failed to open stream: operation failed in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
This brought me to the conclusion that Openssl is misconfigured.
So I:
reinstalled ca-certificates with apt-get purge ca-certificate
Also downloaded the cacert.pem and linked it in the php.ini
checked if curl works properly, but it doesnt (every call of curl ends with curl: (60) SSL certificate problem: unable to get local issuer certificate
checked openssl.cnf which looks ok to me.
Any ideas how to solve this would be great.
So I found the problem:
First I changed the filepath according to the comment by drew010.
Then I fixed issues on my server with file permissions of /etc/ssl/certs according to this post: https://askubuntu.com/a/636979
Now file_get_contents does not invoke any errors and recaptcha runs smoothly.
Related
I tried to install Composer on a fresh newly installed Windows 10 Pro build 1809 and I got this error message.
The Composer installer script was not successful [exit code 1].
OpenSSL failed with a 'certificate verify failed' error. This
indicates a problem with the Certificate Authority file(s) on your
system, which may be out of date.
Certificate location [from openssl.cafile ini setting]:
D:\xampp\apache\bin\curl-ca-bundle.crt
The php.ini used by your command-line PHP is: D:\xampp\php\php.ini
Script Output:
The "https://getcomposer.org/versions" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
I've tried to replace the "curl-ca-bundle.crt" with "cacert.pem" from http://curl.haxx.se/ca/cacert or with "ca-bundle.crt" but it's nothing, the error messages still happened.
Can anyone help me to fix this problem?
Finally, I solved this problem. Because my company's blocked something on the network. Then I try to switched to the other network, then It's succuessfully installed!
hope everyone doing well. I'm getting an error of SSL while creating new project using laravel. Here's my error:
[Composer\Downloader\TransportException]
The "http://packagist.org/p/laravel/laravel$745fa4e5f0a1485878f0b4c5be5cf26
a9e5d68243751f3c34acbd8bf3766065d.json" file could not be downloaded: SSL o
peration failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
Failed to enable crypto
failed to open stream: operation failed
For that problem, i'm trying multiple solutions but result still zero. I want to share one method which is used for SSL issue. I got that below method some website and where's the guy guide to add that below code in php.ini file.
[curl]
; A default value for the CURLOPT_CAINFO option. This is required to be an
; absolute path.
curl.cainfo ="/Applications/XAMPP/xamppfiles/etc/cacert.pem"
[openssl]
; The location of a Certificate Authority (CA) file on the local filesystem
; to use when verifying the identity of SSL/TLS peers. Most users should
; not specify a value for this directive as PHP will attempt to use the
; OS-managed cert stores in its absence. If specified, this value may still
; be overridden on a per-stream basis via the "cafile" SSL stream context
; option.
openssl.cafile="/Applications/XAMPP/xamppfiles/etc/cacert.pem"
But this method also not working. Can anyone please help me to how can i resolve that issue. Thanks
Run that command and solve your problem, i fixed it myself
curl -sS https://getcomposer.org/installer | php mv composer.phar /usr/local/bin/composer
I'm on MacOs sierra also with PHP 5.6.24
I followed a certain tutorial found here to install Wordpress onto App Engine, using a SQL Cloud Database.
I'm up to the point when I have to run the setup script to download the Wordpress archive and plugins. When that command is ran I get the following errors:
Downloading the WordPress archive...
Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /Users/Me/Sites/Blog/src/Project.php on line 47
Warning: file_get_contents(): Failed to enable crypto in /Users/Me/Sites/Blog/src/Project.php on line 47
Warning: file_get_contents(https://wordpress.org/latest.zip): failed to open stream: operation failed in /Users/Me/Sites/Blog/src/Project.php on line 47
I've looked at multiple resources to combat this issue such as, this one, where they suggest to set the verification to the peer to false, but I do not have that option within this project. I also found that someone suggested to use curl instead but I'm unsure how to use that without breaking the project.
While attempting to clean up our project dependencies, composer is failing with the errors:
The "https://packagist.drupal-composer.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
https://packagist.drupal-composer.org could not be fully loaded, package information was loaded from the local cache and may be out of date
This is happening on a vagrant CentOS 7 box.
I found one answer that recommended to download the Mozilla CA certificate store and ensuring that openssl.cafile is set in php.ini but that didn't work for me.
I ran wget -v https://packagist.drupal-composer.org/packages.json to see what it returned from both my local machine (it worked correctly) and the vagrant box. The output on the vagrant box was:
--2016-04-24 09:08:30-- https://packagist.drupal-composer.org/packages.json
Resolving packagist.drupal-composer.org... 147.75.205.69
Connecting to packagist.drupal-composer.org|147.75.205.69|:443... connected.
ERROR: cannot verify packagist.drupal-composer.org's certificate, issued by "/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3":
Issued certificate not yet valid.
To connect to packagist.drupal-composer.org insecurely, use '--no-check-certificate'.
It seemed strange to me that the certificate was coming back as not yet valid, until I realized that the date in the output was off by 2 days (today is 04-26, not 04-24). After fixing the system clock I retried and was able to download all the dependencies.
I am trying to implement a PHP SOAP based web service into my web application. I am getting a series of errors which seem to point to a conflict of libraries with regard to OpenSSL (or Curl, etc.), this I have understood by searching the internet for similar errors, but thought a general consensus that libraries are the issue, there is no solution that I can find.
Warning (2): SoapClient::__doRequest() [soapclient.--dorequest]: SSL operation failed with code 1. OpenSSL Error messages:
error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message [CORE/vendors/Startrack/WSSecurity.php, line 110]
Warning (2): SoapClient::__doRequest() [soapclient.--dorequest]: Failed to enable crypto [CORE/vendors/Startrack/WSSecurity.php, line 110]
Warning (2): SoapClient::__doRequest() [soapclient.--dorequest]: connect() failed: Unspecified error [CORE/vendors/Startrack/WSSecurity.php, line 110]
Notice (8): Undefined property: SoapFault::$detail [APP/controllers/startrack_controller.php, line 38]
Notice (8): Trying to get property of non-object [APP/controllers/startrack_controller.php, line 38]
Could not connect to host
This is being served from a Mac OSX Lion server. PHP 5.3.3 is installed, and the extensions for OpenSSL, Curl and SOAP are enabled. This is being built within CakePHP which explains the syntax of the error messages above. I am using a PHP Web Service bundle already provided. The above works when hosted via MAMP, but I am hoping to not have to rely on MAMP.
The only incompatibility I can find is between the OpenSSL headers and library versions, but from what I know this ought not be a problem?
OpenSSL Library Version OpenSSL 0.9.8r 8 Feb 2011
OpenSSL Header Version OpenSSL 0.9.8l 5 Nov 2009
I am trying to understand if the assumed 'conflict' is between my server and the remote server? The WSDL file is included in the Web Service API, as they hope to avoid any issues, and it works through a MAMP install on the same computer. So I think it is a setup issue between Apache/PHP and Curl/OpenSSL.
Any pointers to how to establish the actual issue, and rectify it would be appreciated.
This could be because you are trying to connect with an SSL 3 enabled server, that may (?) have SSL 2 disabled.
Try connecting to the server like this on the command line:
openssl s_client -connect {SERVER NAME OR IP}:443 -state
If that does not work, then try connecting like this:
openssl s_client -ssl3 -connect {SERVER NAME OR IP}:443 -state
If that does work, then try creating a wrapper class, similar to this one found in the PHP documentation.
You should add a line similar to:
curl_setopt($handle, CURLOPT_SSLVERSION, 3);
inside the callCurl function to force SOAP to connect over version three of ssl.