Below php code works perfectly fine with php5.4 but as soon as i move to 5.6 below code crashes.
$url = "urlofanimage";
$out = getimagesize($url);
print_r($out);
We are getting
PHP Warning: getimagesize(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in ...
Solution:
I know there is a way to disable SSL verification when using get_put_contents() but can we solved it
1> Global php.ini settings
2> changing code to minimum
Related
We run an apache2 server and want to use google recaptcha due to high volume of bots on our newsletter.
Therefore I implemented some lines of developers php-code which in general should work ... but not on my server.
I investigated further and found that the function file_get_contents() ends with an SSL error.
file_get_contents(self::SITE_VERIFY_URL, false, $context)
Below you can find an extract from the servers log file.
PHP Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
PHP Warning: file_get_contents(): Failed to enable crypto in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
PHP Warning: file_get_contents(https://www.google.com/recaptcha/api/siteverify): failed to open stream: operation failed in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
This brought me to the conclusion that Openssl is misconfigured.
So I:
reinstalled ca-certificates with apt-get purge ca-certificate
Also downloaded the cacert.pem and linked it in the php.ini
checked if curl works properly, but it doesnt (every call of curl ends with curl: (60) SSL certificate problem: unable to get local issuer certificate
checked openssl.cnf which looks ok to me.
Any ideas how to solve this would be great.
So I found the problem:
First I changed the filepath according to the comment by drew010.
Then I fixed issues on my server with file permissions of /etc/ssl/certs according to this post: https://askubuntu.com/a/636979
Now file_get_contents does not invoke any errors and recaptcha runs smoothly.
I have an instance of a php site that requires a script running behind an https link on the intranet for my company. The https link is using a self-signed cert. I have tried updating the cacert.pem to allow it but I still get the following:
Warning: require(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
If I were using cURL I would just bypass the ssl on this request but with require I cannot.
Any ideas?
I change my server and now I have some problem with the function fsockopen() and file_get_contents()
I always has this error :
Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /home/curl.php on line 6
I know I can tell by the code to not verify the peer and trust certificate, but I'm pretty sure I have a problem of configuration in my php. I have already configured the openssl.cafile in php.ini with the last pem
If any one has a solution and could help me, I'll appreciate it.
Thank you
I followed a certain tutorial found here to install Wordpress onto App Engine, using a SQL Cloud Database.
I'm up to the point when I have to run the setup script to download the Wordpress archive and plugins. When that command is ran I get the following errors:
Downloading the WordPress archive...
Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /Users/Me/Sites/Blog/src/Project.php on line 47
Warning: file_get_contents(): Failed to enable crypto in /Users/Me/Sites/Blog/src/Project.php on line 47
Warning: file_get_contents(https://wordpress.org/latest.zip): failed to open stream: operation failed in /Users/Me/Sites/Blog/src/Project.php on line 47
I've looked at multiple resources to combat this issue such as, this one, where they suggest to set the verification to the peer to false, but I do not have that option within this project. I also found that someone suggested to use curl instead but I'm unsure how to use that without breaking the project.
While attempting to clean up our project dependencies, composer is failing with the errors:
The "https://packagist.drupal-composer.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
https://packagist.drupal-composer.org could not be fully loaded, package information was loaded from the local cache and may be out of date
This is happening on a vagrant CentOS 7 box.
I found one answer that recommended to download the Mozilla CA certificate store and ensuring that openssl.cafile is set in php.ini but that didn't work for me.
I ran wget -v https://packagist.drupal-composer.org/packages.json to see what it returned from both my local machine (it worked correctly) and the vagrant box. The output on the vagrant box was:
--2016-04-24 09:08:30-- https://packagist.drupal-composer.org/packages.json
Resolving packagist.drupal-composer.org... 147.75.205.69
Connecting to packagist.drupal-composer.org|147.75.205.69|:443... connected.
ERROR: cannot verify packagist.drupal-composer.org's certificate, issued by "/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3":
Issued certificate not yet valid.
To connect to packagist.drupal-composer.org insecurely, use '--no-check-certificate'.
It seemed strange to me that the certificate was coming back as not yet valid, until I realized that the date in the output was off by 2 days (today is 04-26, not 04-24). After fixing the system clock I retried and was able to download all the dependencies.