Related
I have a PHP Laravel (5.6) system that I need to connect to an FTP server to upload a single file. The FTP server that I am connecting to is restricting access by ip address, uses port 990, and other than that has a seemingly simple configuration. On my local machine (I'm running on Linux Ubuntu if that helps) I am able to connect to the ftp server in FileZilla just fine, FileZilla did seem to automatically choose ftps. I am also able to ping this server.
Now this PHP Laravel (5.6) application is running on NGINX (had this for a while, everything else server-wise seems fine). As of now I am just trying to get this working locally, though there is a production server that it will have to be pushed onto (pretty much identical configuration though).
I started out trying to use the built in PHP function ftp_connect and ftp_ssl_connect - both using the same host and port number (990) as in FileZilla. I have been unable to get past this step - it returns false (so never even gets to my login logic).
$ftp = ftp_connect(env('FTP_HOST'),env('FTP_PORT')); // returns FALSE
$ftp = ftp_ssl_connect(env('FTP_HOST'),env('FTP_PORT')): // returns FALSE
After searching for a while I decided to try Laravel's filesystem to see if that would make it easier, these are my settings in config/filesystems.php:
'ftp' => [
'driver' => 'ftp',
'host' => env('FTP_HOST'),
'username' => env('FTP_USER'),
'password' => env('FTP_PASSWORD'),
'port' => env('FTP_PORT'),
'ssl' => true,
'timeout' => 60,
],
'sftp' => [
'driver' => 'sftp',
'host' => env('FTP_HOST'),
'username' => env('FTP_USER'),
'password' => env('FTP_PASSWORD'),
'port' => env('FTP_PORT'),
'timeout' => 60,
],
I figured I'd try both ftp and sftp here, I then tried the following:
Storage::disk('ftp')->put('test.csv', $file);
and
Storage::disk('sftp')->put('test.csv', $file);
The first just timed out, the second gave me the message: League\Flysystem\Sftp\ConnectionErrorException: Could not login with username: ###, host: ### in...
Any ideas of what this could be or next steps I could take towards troubleshooting would be greatly appreciated, I feel like I just don't know what to try to get a better understanding of what's wrong here. Thanks!
EDIT:
I realized that previously I had always used the quick connect feature in FileZilla for this. I looked into it further and was able to confirm that the encryption has to be implicit FTP over TLS - So I'm wondering if there is a setting for that I'm missing.
The port 990 is for implicit TLS/SSL, as you have eventually figured out.
The implicit TLS/SSL is not supported by the PHP built-in FTP implementation. Neither is implicit TLS/SSL supported by flysystem used by Laravel (which probably internally uses PHP built-in FTP anyway).
The implicit TLS/SSL was a temporary hack back in 90s to allow legacy FTP software to use encrypted connection without modification. It was never something that should have been used in long term, definitely not 30 years later! The implicit FTP never even became part of FTP standard. Only the explicit TLS/SSL was standardized by RFC 4217 in 2005. Since then, noone should be using implicit TLS/SSL ever.
Get your FTP server fixed to use the explicit TLS/SSL.
Take a look at the additional settings (https://flysystem.thephpleague.com/v2/docs/adapter/ftp/) you can add to the filesystem.php for your ftp settings. Match them with what you have on your FileZilla settings and see if it helps.
Laravel underneath uses the flysystem adapters to connect to different storage types and you can reference the settings from the above URL.
I have a ColdFusion page on which a secure FTP connection is made to a remote ftp server, and the names of all of the files in a certain directory on that server are listed (in a query object). This is relatively simple in CF - you use the cfftp tag to open an ftp connection, and then use the cfftp tag again to list out the files that are in a specific directory:
<cfftp action = "open"
username = "username"
connection = "myConnection"
password = "password"
fingerprint = "(eight pairs of hexadecimal values in the form
hh:hh:hh:hh:hh:hh:hh:hh)"
server = "xxx.xxx.xx.xx"
secure = "yes">
<cfftp action = "listDir"
connection="myConnection"
directory="Output_Directory"
name="qDir" />
<!--- Files in the specified directory are now stored in a query object named "qDir", and their filenames can be pulled using a CF query of query --->
I'm new to PHP/Laravel, and am trying to figure out how to do the same in Laravel. So far, I haven't found any videos or tutorials that explain how to open ftp connections in Laravel (normal or secure), or how to view the files within a directory once that connection has been made.
I did find something at https://laravel.com/docs/5.6/filesystem#downloading-files, on what to put in the filesystems.php page for SFTP driver configuration. Which, I gather, needs to be set up before I can open any SFTP connection within my Laravel site. But, I'm finding this a little confusing. As seen below, that code appears to require values for "privateKey" and "password", and includes no optional setting for "fingerprint", which I'm including in the CFFTP tag above.
//include on filesystems.php:
'sftp' => [
'driver' => 'sftp',
'host' => 'example.com',
'username' => 'your-username',
'password' => 'your-password',
// Settings for SSH key based authentication...
// 'privateKey' => '/path/to/privateKey',
// 'password' => 'encryption-password',
// Optional SFTP Settings...
// 'port' => 22,
// 'root' => '',
// 'timeout' => 30,
],
I can connect to the ftp server securely through an ftp client (Bitvise), which only asks for the username, password, host IP, and port (22). So I'm not sure what "privateKey" or "password" values need to be provided to the code above...nor how there can be two variables named "password" within the 'sftp' array (one for "your-password" and one for "encryption-password").
Laravel seems to have good tutorial videos in general -- can anyone point me to any where ftp/sftp is covered, particularly "open" and "listDir" type actions? (I'm looking for Laravel in particular -- I can figure out how it's done in vanilla PHP on my own). Thanks much.
(Addendum) adding this here later, so that I can wrap the below in code format. I think one thing I need to do is use the ftp filesystem driver, rather than the sftp filesystem driver, and set 'ssl' to true. So on filesystems.php, I should have something like:
'ftp' => [
'driver' => 'ftp',
'host' => env('FTP_SERVER'),
'port' => 22,//env('FTP_PORT'),
'username' => env('FTP_USERNAME'),
'password' => env('FTP_PASSWORD'),
'passive' => true,
'ssl' => true,
'timeout' => 30,
'root' => '/',
],
Still working on establishing a connection; though. I was getting an error message when I tried to do that: "Use of undefined constant FTP_BINARY - assumed 'FTP_BINARY'". Figured out that problem - was because I needed to enable php_ftp.dll in the php config, as this is not enabled by default on Windows. But now I'm getting a different error message -- "Could not connect to host xxx.xxx.xx.xx port:22". Will dig into that, see what the problem is and report back.
(Later) Looks like I'm having an authentication problem of some sort. I've tried connecting to the same FTP server just using vanilla PHP, i.e., the ftp_ssl_connect() function. That function is returning false, which means there's an error connecting. (Before I enabled php_ftp.dll, I was just getting an error message saying that ftp_ssl_connect() was an undefined function). Wondering if omitting the fingerprint, which we were previously including as a param with the Coldfusion cfftp tag, has something to do with it. But this isn't a possible parameter in the Laravel or core PHP functions. Digging...will report back...
(4/11/18)
The crucial question seems to be what exactly is happening with the cfftp tag, and how it's making its connection (sFTP, or FTPS?) Because however it's working is what we want to re-create in PHP/Laravel. I've asked a separate question regarding this.
The documentation for the cfftp tag says nothing about it using sFTP or FTPS. It only says that when you specify secure="yes", then it allows you to open a connection to a Secure Shell (SSH) server by using either symmetric or asymmetric encryption. When using symmetric encryption (which is what we're doing), you pass username, password, and fingerprint (which we do).
You can specify the port in the cfftp tag; if no port is specified, then it defaults to 21. As a test, I've explicitly passed the port as both 21 and 22, and the connection worked fine in both cases. I'm not sure why that is; I'd expect it to work in one case or the other, but not both.
Meanwhile, in case we indeed need to use SFTP, I've tried making a SFTP connection to the ftp server in core PHP, using the ssh2_connect() function. I'm getting an error message saying that this function is undefined, even though I've added and enabled the php_ssh2.dll extension, so that's another thing to look into.
The privateKey field is if you're using public key authentication on
your SSH connection. Public key authentication is used as an alternative to standard username/password authentication. It's typically considered more secure than just username/password. Here's a decent primer.
Laravel's SFTP filesystem driver uses The PHP League's flysystem-sftp:
https://github.com/thephpleague/flysystem-sftp
If you opt to not use public key authentication, you can probably leave that field commented out. The second password entry is probably just a typo in the documentation; see the flysystem-sftp project for the actual configuration syntax.
How can I force TLSv1.0 in a PHP stream context when trying to access an https URL?
I’m looking for something along the lines of this:
$context = stream_context_create(
array(
'ssl' => array(
'protocol_version' => 'tls1',
),
));
file_get_contents('https://example.com/test', false, $context);
Background
Actually I’m facing an issue in Ubuntu 12.04 when working with PHP’s SoapClient. Unfortunately, the server I’m trying to connect to does only support SSLv3.0/TLSv1.0 and fails on the default TLSv1.1 negotiation. Therefore I’d like to explicitly set the protocol of the ssl:// transport to TLSv1.0.
PHP 5.6+ Users
This is a new feature as documented on the PHP 5.6 OpenSSL Changes page.
At time of writing this, PHP5.6 is in Beta1 and thus this isn't overly useful. People of the future - lucky you!
The future is upon us. PHP 5.6 is a thing and its use should be encouraged. Be aware that it deprecates some fairly widely used things like mysql_* functions so care should be taken when upgrading.
Everyone else
#toubsen is correct in his answer - this isn't directly possible. To elaborate on his suggested workarounds... when working around a problem where a supplier's API server wasn't correctly negotiating TLSv1.2 down to its supported TLSv1.0, sending a small subset of ciphers seemed to allow negotiation to complete correctly. Stream context code is:
$context = stream_context_create(
[
'ssl' => [
'ciphers' => 'DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:KRB5-DES-CBC3-MD5:KRB5-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:KRB5-RC4-MD5:KRB5-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:KRB5-DES-CBC-MD5:KRB5-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-KRB5-RC4-MD5:EXP-KRB5-RC4-SHA:EXP-RC4-MD5:EXP-RC4-MD5',
],
]
);
SOAP Users
PHP's SOAP client doesn't use curl, nor does it seem to use the default context set with stream_context_set_default. As such, the created context needs to be passed to the SOAPClient constructor in the 2nd parameter as such:
$soap_client = new SOAPClient('http://webservices.site.com/wsdlfile.wsdl', array('stream_context' => $context));
Why those Ciphers?
Running the command openssl ciphers on the server gives you a list of supported ciphers in the above format. Running openssl ciphers -v tells you those that are TLSv1.2 specific. The above list was compiled from all of the non-TLSv1.2 ciphers reported by OpenSSL.
openssl ciphers -v | grep -v 'TLSv1.2' | cut -d ' ' -f 1 | tr "\n" ':'
In case someone wants to know how to "disable" TLSv1.0 when making a SOAP request...
$parameters = array(
'trace' => true,
'exceptions' => true,
'cache_wsdl' => WSDL_CACHE_NONE,
'stream_context' => stream_context_create(array(
'ssl' => array(
'ciphers' => 'DEFAULT:!TLSv1.0:!SSLv3'
),
)),
'connection_timeout' => 15
);
$client = new SoapClient(YOUR_WSDL_URL_HERE, $parameters);
The key part here is that stream context ciphers line. This says use the default ciphers, but exclude TLSv1.0 ciphers (the 1.0 package also has TLSv1.1 ciphers). The : is the cipher package separator (what goes between packages) and the ! here is to tell it to exclude this package (it's a hard exclude so if it shows up later in the list it will still be excluded). Soft exclude is - character and add to the end of the list is + character. To add in order just add it without anything in front of it.
Cipher information here: https://www.openssl.org/docs/manmaster/man1/ciphers.html#CIPHER-LIST-FORMAT
Edit:
For whatever reason including the
'ssl_method' => SOAP_SSL_METHOD_TLS,
part from the options was really causing me headaches and wouldn't connect in certain contexts. After tons of troubleshooting and playing around with options I finally realized that removing this setting and letting it autoset this seems to have resolved the issue.
Base information
The field protocol_version is only valid for HTTP context (HTTP 1.0 vs 1.1), but does not affect the SSL context.
The following manual page lists all stream context options for PHP:
Context options and parameters
For all SSL based stream wrappers, only the follwing options are available:
SSL context options
Possible solutions / workarounds
First advice: Get the server admin to fix his server instead of working around this in your client ;-)
Maybe you can get it wo work with the ciphers option for SSL streams, to pass only one exact TLSv1.0 cipher suite (that is unique to TLSv1.0) in the list, that your target server supports.
Switching the implementaion to use cURL will most probaly also not help here, as according to an entry in their mailing list, there's no option to force a certain TLS version - the client will downgrade when needed automatically.
tl;dr
I currently know of no way to explicitly force TLSv1.0 for SSL connections from PHP.
I can confirm that above accepted answer does not work for Ubuntu 12.04 and PHP 5.4.33 combination. Also found out that I have to manually specify certificate when trying openssl and curl to access https endpoints. I ended up using RHEL 7 and PHP 5.5 to achieve a solid solution as I was developing integration for an enterprise application. Nothing against Ubuntu, but in my specific case it didn't work.
I am successfully connecting, using Microsoft C#, to a Microsoft web service. I have to supply a username, password (in the C# code); and install a certificate (in .cer format) into the "Root Certificate Authorities" section of the system's certificates.
How can I connect to such a web service in PHP? The reason I ask is that all methods I have seen (such as wsdl2php, which creates a SoapClient subclass), seem to assume various things, such as SSL certificate, SSL key file and SSL key passphrase.
So it all confuses me. I'm not sure what should go where. I'm not sure where my "root certificate authority" (the .cer file) should go, and where the username and password should go. Any ideas?
all can be done whith soapclient and stream_context_create using ssl options
<?php
$context = stream_context_create(array(
'https' => array(
'cafile' => '/path to file',
'verify_peer' => true
)));
new soapclient("https://localhost/index.php?wsdl",array(
'login'=>'admin',
'password'=>'passss',
'stream_context'=> $context
));
it is not uncommon in soap to not use http auth but just an soap-call, the documnetation is essential
it can be rewarding to use soapclient whith classes using classmap to map soaptypes to php clases
Typically if you're calling a webservice using regular SSL your URL will look like:
https://username:password#myserver.com/mywebservice.php
Then there is the issue of the SSL certificate. I'm using something similar to read from an SSL protected SVN web front. I don't know of any other solution other than to log into the server as the user that is running your webserver (apache/IIS) and accepting the certificate manually. In the case of SVN you could make a checkout and it will ask you to accept the certificate. I'm not entirely sure how this would work for a plain HTTPS request but perhaps you can get the certificate by loading the webservice in a browser? (or using wget or something fancy if you're lucky enough to be running Linux)
Also, is your code the PHP code or the C# code? If it's C# you may need to do something else entirely.
Sometimes fail to call the web service.
This problem happens all the time.
What could be the problem?
Error:
SoapFault exception: [HTTP] Could not connect to host in
0 [internal function]: SoapClient->__doRequest('<?xml version="...', http://.', '', 1, 0)
The problem was solved.The problem is the cache
ini_set('soap.wsdl_cache_enabled',0);
ini_set('soap.wsdl_cache_ttl',0);
I am adding my comment for completeness, as the solutions listed here did not help me. On PHP 5.6, SoapClient makes the first call to the specified WSDL URL in SoapClient::SoapClient and after connecting to it and receiving the result, it tries to connect to the WSDL specified in the result in:
<soap:address location="http://"/>
And the call fails with error Could not connect to host if the WSDL is different than the one you specified in SoapClient::SoapClient and is unreachable (my case was SoapUI using http://host.local/).
The behaviour in PHP 5.4 is different and it always uses the WSDL in SoapClient::SoapClient.
The host is either down or very slow to respond. If it's slow to respond, you can try increasing the timeout via the connection_timeout option or via the default_socket_timeout setting and see if that reduces the failures.
http://www.php.net/manual/en/soapclient.soapclient.php
http://www.php.net/manual/en/filesystem.configuration.php#ini.default-socket-timeout
You can also include error handling as zanlok pointed out to retry a few times. If you have users actually waiting on these SOAP calls then you'll want to queue them up and process them in the background and notify the user when they're finished.
A misconfigured service leaves the default namespace with tempuri.org
This means the connection to the wsdl will work, but the function call will fail.
Stacktrace:
SoapClient->__doRequest('http://example.com...', 'http://tempuri.org....', 2, 0)
To remediate this, you must explicitly set the location using __setLocation()
$this->soapClient = new \SoapClient(WS_URL);
$this->soapClient->__setLocation(WS_URL);
This work for me
$opts = array(
'ssl' => array('verify_peer' => false, 'verify_peer_name' => false)
);
if (!isset($this->soap_client)) {
$this->soap_client = new SoapClient($this->WSDL, array(
'soap_version' => $this->soap_version,
'location' => $this->URL,
'trace' => 1,
'exceptions' => 0,
'stream_context' => stream_context_create($opts)
));
there is a soap config section in your php.ini file, which control the wsdl access cache, may be shown as:
[soap]
; Enables or disables WSDL caching feature.
soap.wsdl_cache_enabled=1 ;
Sets the directory name where SOAP extension will put cache files.
soap.wsdl_cache_dir="/tmp"
; (time to live) Sets the number of second while cached file will be used ; instead of original one.
soap.wsdl_cache_ttl=86400
if wsdl file cache is enabled, it may cause this problem when changing wsdl URI in php code.
in this example, you can just delete file start with wsdl- under /tmp directory.
or you just set soap.wsdl_cache_enabled=0; and soap.wsdl_cache_ttl=0;
PHP will fetch the wsdl file every-time you visit the page.
In our case, it was a Ciphers negotiation problem. We were getting this error randomly. We solved our problem by forcing a Cipher like this:
$soapClient = new SoapClient ('http://example.com/soap.asmx?wsdl',
array (
"stream_context" => stream_context_create (
array (
'ssl' => array (
'ciphers'=>'AES256-SHA'
)
)
)
)
);
Looks like PHP wasn't negotiating the same Ciphers at each service call.
In my case it worked after the connection to the wsdl, use the function __setLocation() to define the location again because the call fails with the error:
Could not connect to the host
This happens if the WSDL is different to the one specified in SoapClient::SoapClient.
I hit this issue myself and after much digging I eventually found this bug for ubuntu:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/965371
specifically
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/965371/comments/62
openssl s_client -connect site.tld:443 failed however openssl s_client -tls1 -connect site.tld:443 gave success. In my particular case part of the output included
New, TLSv1/SSLv3, Cipher is RC4-MD5 so I set the php context ssl/cipher value appropriately.
It seems the error SoapFault exception: Could not connect to host can be caused be several different things. In my cased it wasn't caused by proxy, firewall or DNS (I actually had a SOAP connection from the same machine working using nusoap without any special setup).
Finally I found that it was caused by an invalid pem file which I referenced in the local_cert option in my SoapClient contructor.
Solution:
When I removed the certificate chain from the pem file, so it only contained certificate and private key, the SOAP calls started going through.
For me it was a certificate problem. Following worked for me
$context = stream_context_create([
'ssl' => [
// set some SSL/TLS specific options
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
]
]);
$client = new SoapClient(null, [
'location' => 'https://...',
'uri' => '...',
'stream_context' => $context
]);
In my case service address in wsdl is wrong.
My wsdl url is.
https://myweb.com:4460/xxx_webservices/services/ABC.ABC?wsdl
But service address in that xml result is.
<soap:address location="http://myweb.com:8080/xxx_webservices/services/ABC.ABC/"/>
I just save that xml to local file and change service address to.
<soap:address location="https://myweb.com:4460/xxx_webservices/services/ABC.ABC/"/>
Good luck.
I finally found the reason,its becuse of the library can't find a CA bundle on your system.
PHP >= v5.6 automatically sets verify_peer to true by default. However, not all systems have a known CA bundle on disk .
You can try one of these procedures:
1.If you have a CA file on your system, set openssl.cafile or curl.cainfo in your php.ini to the path of your CA file.
2.Manually specify your SSL CA file location
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($cHandler, CURLOPT_CAINFO, $path-of-your-ca-file);
3.disabled verify_peer
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
For those who struggled the same as me with laravel artisan console command that makes a lot of requests to same wsdl of external soap server and then after some time fails with Could not connect to host error.
The problem was because I was creating new SoapClient instance each time before request was made. Do not do that. Create it once and make each request from the same client.
Hope it helps.
For me it was a DNS issue. My VPS's nameservers crapped out, so I switched to Google's by editing my /etc/resolv.conf to be:
nameserver 8.8.8.8
nameserver 8.8.4.4
If you have a firewall on your server, make sure to open the port used by SOAP.
In my case, I had to open the port 1664.
iptables -t filter -A INPUT -p tcp --dport 1664 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 1664 -j ACCEPT
if ujava's solution can't help you,you can try to use try/catch to catch this fatal,this works fine on me.
try{
$res = $client->__call('LineStopQueryJson',array('Parameters' => $params));
}catch(SoapFault $e){
print_r($client);
}
With me, this problem in base Address in app.config of WCF service:
When I've used:
<baseAddresses><add baseAddress="http://127.0.0.1:9022/Service/GatewayService"/> </baseAddresses>
it's ok if use .net to connect with public ip or domain.
But when use PHP's SoapClient to connect to "http://[online ip]:9022/Service/GatewayService", it's throw exception "Coulod not connect to host"
I've changed baseAddress to [online ip]:9022 and everything's ok.
Another possible reason for this error is when you are creating and keeping too many connections open.
SoapClient sends the HTTP Header Connection: Keep-Alive by default (through the constructor option keep_alive). But if you create a new SoapClient instance for every call in your queue, this will create and keep-open a new connection everytime. If the calls are executed fast enough, you will eventually run into a limit of 1000 open connections or so and this results in SoapFault: Could not connect to host.
So make sure you create the SoapClient once and reuse it for subsequent calls.
I had a bad php.ini configuration. Verify the path and the certificate validity...
[openssl]
openssl.cafile = "C:/good/phpath/ca-bundle.crt"
Because my new \SoapClient($wsdl) was https !
Just to help other people who encounter this error, the url in <soap:address location="https://some.url"/> had an invalid certificate and caused the error.
For me, this was a problem in the httpd service (Fedora 24). A simple restart did the trick:
sudo service httpd restart
If the connection is through SSL, could be a problem of server instead of client (it is my case).
In PHP versions greater than 5.6 and 7, is important to check the CipherSuite used in server certificate.
There is a full list of ciphers allowed by this versions and a full list of ciphers that do not in this web link: https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite
If the cipher used is not allowed (it is a deprecated algorithm), SoapClient receives "Could not connect to host" and there is no more trace about it.
The cipher used can be checked by clients like SoapUI in the section of "SSL Info", for example.
There is no thread forum treating about this in internet.
Check this out, too: http://php.net/manual/en/migration56.openssl.php
In my case the host requires TLS 1.2 so needed to enforce using the crypto_method ssl param.
$client = new SoapClient($wsdl,
array(
'location' => $location,
'keep_alive' => false,
"stream_context" => stream_context_create([
'ssl' => [
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT,
]
]),
'trace' => 1, // used for debug
)
);
In my case, disabled SELINUX allow PHP to call my WebService.
I run PHP in FPM with Apache2
SELinux status :
# sestatus
Disable SELinux :
setenforce 0
Enable SELinux :
# setenforce 1
Permanent disable :
edit this file /etc/selinux/config
Version check helped me OpenSSL. OpenSSL_1_0_1f not supported TSLv.1_2 !
Check version and compatibility with TSLv.1_2 on github openssl/openssl
. And regenerate your certificate with new openssl
openssl pkcs12 -in path.p12 -out newfile.pem
P.S I don’t know what they were minus, but this solution will really help.
That most likely refers to a connection issue. It could be either that your internet connection was down, or the web service you are trying to use was down. I suggest using this service to see if the web service is online or not: http://downforeveryoneorjustme.com/