We Keep Coding

Composer throwing curl error 60 when updating/installing

I've made the switch to PHP 8.1 after 7.4.26 and when trying to update some existing projects I get this error while behind my company's proxy:
[Composer\Downloader\TransportException] curl error 60 while
downloading https://repo.packagist.org/packages.json: SSL certificate
problem: self signed certificate in certificate chain
I've rummaged WAMP around and checked to make sure that:
SSL is installed both for apache and PHP
The path to the latest cacert.pem is set in the php.ini under both curl.cainfo and openssl.cafile and both lines are uncommented
Both my http and my https proxies are set in my environment variables
Both composer public keys are set up
Restarting my PC/Apache/PHP
Clearing composer cache
Running the composer diagnostic in verbose mode I can see that it's reading the correct proxies, that the http request is getting a 200 response, but I get error 60 when it tried to get the https ones. What's bugging me is that if I do curl https://repo.packagist.org/packages.json I get the json without problem. I also have npm and git working just fine behind the same proxy. I've tried running composer with TSL disabled, even going back to my previous version of PHP but I keep getting the same error.
If anyone has an idea what this could be, this is an excerpt from composer diagnose:
Checking platform settings: OK
Checking git settings: Executing command (CWD): git config color.ui
Executing command (CWD): git --version
OK git version 2.29.1
Checking http connectivity to packagist: Downloading http://repo.packagist.org/packages.json using proxy (http://10.96.210.50:8080)
[200] http://repo.packagist.org/packages.json
OK
Checking https connectivity to packagist: Downloading https://repo.packagist.org/packages.json using proxy (http://10.96.210.50:8080)
FAIL
[Composer\Downloader\TransportException] curl error 60 while downloading https://repo.packagist.org/packages.json: SSL certificate problem: self signed certificate in certificate chain
Checking HTTP proxy: Downloading https://repo.packagist.org/packages.json using proxy (http://10.96.210.50:8080)
FAIL
[Composer\Downloader\TransportException] curl error 60 while downloading https://repo.packagist.org/packages.json: SSL certificate problem: self signed certificate in certificate chain
Checking github.com rate limit: Downloading https://api.github.com/rate_limit using proxy (http://10.96.210.50:8080)
FAIL
[Composer\Downloader\TransportException] curl error 60 while downloading https://api.github.com/rate_limit: SSL certificate problem: self signed certificate in certificate chain
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version: Downloading https://getcomposer.org/versions using proxy (http://10.96.210.50:8080)
FAIL
[Composer\Downloader\TransportException] curl error 60 while downloading https://getcomposer.org/versions: SSL certificate problem: self signed certificate in certificate chain
Composer version: 2.5.1
PHP version: 8.1.0
PHP binary path: C:\wamp64new\bin\php\php8.1.0\php.exe
OpenSSL version: OpenSSL 1.1.1l 24 Aug 2021
cURL version: 7.77.0 libz 1.2.11 ssl OpenSSL/1.1.1l
zip: extension present, unzip not available, 7-Zip present (7z)

Best way to update PHP version on bedrock wordpress site

I updated the language of my question, because the original question seemed to be worded in a confusing way (evident from downvotes and unhelpful comments). Hope this makes more sense.
Hi, I'm trying to upgrade the PHP version on a site, I followed this thread and it worked nicely on my development site - I basically changed all instance of PHP "7.1" in the trellis directory to "7.4", and required a PHP version of at least 7.4 in composer and ran composer update.
I happily pushed the update to the staging site, but when I attempted to provision the server with ansible-playbook server.yml -e env=staging, I received the following error:
TASK [Install Python 2.x] ************************************************************************************* ***********************************
System info:
Ansible 2.3.0.0; Linux
Trellis at "Update PHP from 7.1 to 7.4"
---------------------------------------------------
Shared connection to 107.170.41.149 closed.
fatal: [107.170.41.149]: FAILED! => {"changed": false, "failed": true, "rc": 100, "stderr": "Shared connection to 107.170.41.149 closed.\r\n", "stdout": "/usr/bin/python\r\nE: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).\r\n", "stdout_lines": ["/usr/bin/python", "E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution)."]}
Ansible seems to be getting stuck on the "Install Python 2." task. The staging server cannot be provisioned, and when I run php -v on the server it says it's running PHP 7.2.
How do I update PHP? I am avoiding doing it manually, because my gut's telling me there's a special roots way.
The server in question is Ubuntu 16.04 running PHP 7.2 (as mentioned above).
Below is the verbose output of the error from provisioning the staging server:
System info:
Ansible 2.3.0.0; Linux
Trellis at "Update PHP from 7.1 to 7.4"
---------------------------------------------------
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /home/jill/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: auto-mux: Trying existing master
debug2: fd 3 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 16490
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 2
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Received exit status from master 100
Shared connection to 107.170.41.149 closed.
fatal: [107.170.41.149]: FAILED! => {
"changed": false,
"failed": true,
"rc": 100,
"stderr": "OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017\r\ndebug1: Reading configuration data /home/jill/.ssh/config\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 16490\r\ndebug3: mux_client_request_session: session request sent\r\ndebug1: mux_client_request_session: master session id: 2\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 100\r\nShared connection to 107.170.41.149 closed.\r\n",
"stdout": "/usr/bin/python\r\nE: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).\r\n",
"stdout_lines": [
"/usr/bin/python",
"E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution)."
]
}

This is neither a PHP composer nor a Python problem nor an Ansible problem. The underlying operating system (Ubuntu) has a problem with its apt libraries. The error comes from APT. Sadly you didn't tell us, what ansible module you use in the task named "Install Python 2.x".
Try 'apt-get -f install' with no packages
I think, some package installations hang on the system and need to be installed or configured. This may not have anything to do with your current job of upgrading PHP. Something went wrong in the past. APT will continue to stop operating til this issue is solved. Normally you would do it manually and have a look at the output of apt-get -f install to get an advice of what is the problem with that system. I think it will try to fix the issue automatically or throw an error what is the real issue (for example with two packages that cannot be installed at the same time or a file or directory that is missing or contains wrong values).
This is nothing "normal" which should happen all the time, when you update 100 hosts. This is very specific and part of the so called "configuration gap". Of course -if you dont want to login manually- you can ignore that error in your playbook task, but register the result, if the task failes, check, if the error messages in the registered var contains the above message in stderr and call a command module in your playbook. This would be a little bit of "self-healing".
Something like this
- package:
name: "..."
ignore_errors: true
register: installation
- shell: "apt -f install"
register: self_healing
when:
- "installation is failed"
- "'apt -f install' in installation.stderr"
- debug:
var: self_healing
when: "self_healing is defined"

Getting error while installing laravel installer in window 10

I am using Windows 10 and composer is installed. When I try to install laravel installer globally using this command:
composer global require laravel/installer
[Composer\Downloader\TransportException]
The "https://repo.packagist.org/packages.json" file could not be downloaded:
failed to open stream: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
It means package not downloaded. I am not using any proxy server.
Composer diagnose result is listed below:
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist:
[Composer\Downloader\TransportException] The "http://repo.packagist.org/packages.json" file could not be downloaded: failed to open stream: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Checking https connectivity to packagist:
[Composer\Downloader\TransportException] The "https://repo.packagist.org/packages.json" file could not be downloaded: failed to open stream: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Checking github.com rate limit: FAIL
[Composer\Downloader\TransportException] The
"https://api.github.com/rate_limit" file could not be downloaded: failed to
open stream: A connection attempt failed because the connected party did not
properly respond after a period of time, or established connection failed
because connected host has failed to respond.
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952 OK
Checking composer version: OK
Composer version: 1.8.0
PHP version: 7.2.1
PHP binary path: E:\xampp\php\php.exe

To resolve this, configure composer to use the https repository by running the following command on the cli before installing Laravel
composer config -g repo.packagist composer https://packagist.org

Do you use any antivirus?
If yes try to disable then check.
Sometime Mcafe prevent to download packagist.

The following steps will fix most "packages.json file could not be downloaded" issue with Composer:
Verify your firewall setting. Disable Firewall for starters
Enable PHP OpenSSL Extension
Enable PHP allow_url_fopen directive
Note: Make sure you are working with the right PHP version and Environment (apache, CLI, etc.) when you modify the php.ini file.

I believe you are facing the same issue as this and
this. Composer recommends the following:
We recommend you fix your IPv6 setup. If that is not possible, you can try the following workarounds:
sadly, for the Windows workaround it says that if your setup cannot be fixed or if that didn't solve the issue then you should outright disable IPv6 which is a common answer and is also suggested here (however the video has been deleted so I've made this post to have a reliable answer).
(I've purposely aligned the windows as such so you can see the steps to the screen)
Open Control Panel
Navigate to Network and Internet
Click on Network and Sharing Centre
On the left hand side of the window click on Change adapter settings
Find your adapter and open the properties by right clicking on it
Find Internet Protocol Version 6 (TCP/IPv6) and uncheck it
Click OK
Edit #1
What is suggested here is:
Install a Windows level VPN or proxy switcher that acts as the default route if you need to change your IP (effectively). Try CyberGhost
and that seemed to solve the issue for the OP.

I noticed this is also happening when changing networks (moving from office to office for example).
How I managed to solve it is to restart the docker container.
I had this situation happening 2 times already and the same solution helped.

All you need to do is to run your cmd/git as Administrator, no need to uninstall anything.

Composer update fails while updating from packagist

While executing composer install/update I have got the following error from openssl:
The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
https://packagist.org could not be fully loaded, package information was loaded from the local cache and may be out of date
I am using:
PHP 5.6.3 (cli) (built: Nov 17 2014 15:16:53)
XAMPP stack 5.6.3-0
ubuntu 14.04
composer diag shows:
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
Checking disk free space: OK
Checking composer version:
[Composer\Downloader\TransportException]
The "https://getcomposer.org/version" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
php -r 'var_dump(openssl_get_cert_locations());' shows:
array(8) {
["default_cert_file"]=>
string(33) "/opt/lampp/share/openssl/cert.pem"
["default_cert_file_env"]=>
string(13) "SSL_CERT_FILE"
["default_cert_dir"]=>
string(30) "/opt/lampp/share/openssl/certs"
["default_cert_dir_env"]=>
string(12) "SSL_CERT_DIR"
["default_private_dir"]=>
string(32) "/opt/lampp/share/openssl/private"
["default_default_cert_area"]=>
string(24) "/opt/lampp/share/openssl"
["ini_cafile"]=>
string(0) ""
["ini_capath"]=>
string(0) ""
}
For php 5.5.19 everything is Ok.

I found a solution to this
I'm running:
FreeBSD 10.1
Apache2.4
PHP 5.6.3
To find the CA file I ran this command
> locate cacert.pem
Result was:
/usr/local/lib/perl5/site_perl/5.16/Mozilla/CA/cacert.pem
Then open the php.ini file and
change this:
;openssl.cafile=
To this:
openssl.cafile=/usr/local/lib/perl5/site_perl/5.16/Mozilla/CA/cacert.pem
Note: This directive is only available on php 5.6.x
Then restart Apache

I am using Mac OS Sierra and when I was trying to update the composer using the command /usr/local/bin/composer self-update I kept getting the error:
[Composer\Downloader\TransportException]
The "https://getcomposer.org/version" file could not be downloaded: SSL operation failed with co
de 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
I fixed it following these steps:
1) Create the local database using the command:
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.locate.plist
2) Locate the cert file:
locate cacert.pem
3) Check the location of the php.ini file:
php --ini
4) If the 'Loaded Configuration File' for php.ini file is showing as (none), copy the file /etc/php.ini.default to /etc/php.ini:
sudo cp /etc/php.ini.default /etc/php.ini
5) Open the php.ini file and edit the ;openssl.cafile= line by uncommenting it and appending the link to the cert file location:
openssl.cafile=/Users/me/.composer/cacert.pem
Thats it. Now, when you run the composer update, it will work fine.

I solved the problem with the SSL error by adding the SSL certificate to the XAMPP certificates folder.
// navigate to a directory to save the certificate
cd /Downloads
// download a certificate
wget http://curl.haxx.se/ca/cacert.pem
// rename and move the file to the Xampp certificates folder
mv cacert.pem /Applications/XAMPP/xamppfiles/share/openssl/cert.pem
Don't forget to restart your apache!

Adding openssl.cafile to php.ini worked for me too.
Instead of looking for the cert file, I downloaded it directly:
curl http://curl.haxx.se/ca/cacert.pem > cacert.pem
and then just pointed openssl.cafile setting to it.

I ran into the same exact issue on Windows even after adding valid latest certificate downloaded. I'm running composer behind proxy, So i've to add environment variables http_proxy and https_proxy.
My environment:
PHP 5.6.33
Windows 7 64 bit
Composer version 1.6.3 2018-01-31 16:28:17
I downloaded latest certificates CA Bundle and updated following paths in my php.ini still didn't work.
curl.cainfo = C:\Certificates\ca-bundle.crt
openssl.cafile= C:\Certificates\ca-bundle.crt
openssl.capath=C:\Certificates
Then did following steps
1) Open chrome browser and navigate https://packagist.org/
2) Click on the little Secure Lock icon
3) Click on Certificates Valid
4)Open Certificate Path tab and you will see the following path levels
5) Need to export the certificate for both 1&2 marked in the image
6) To export certificate, click on view Certificate, Got to Details Tab and click on Copy to file
7)choose BASE 64 encoding
8) click on Next and save that file to a location, Do this for No. (2) shown in setp 4
9) Open the .cer file and copy the content to the end of .crt file which you used to configure in php.ini
Then try running comport install - It's worked for me
Process should be same if you see composer throwing ssl error when accessing sites over proxy.

1.
php -r "print_r(openssl_get_cert_locations());"
array(8) {
["default_cert_file"]=>
string(31) "/usr/local/etc/openssl/cert.pem"
...
}
2.vim php.ini
[openssl]
openssl.cafile=/usr/local/etc/openssl/cert.pem

composer clearcache
This worked for me when I get error :
https://packagist.org could not be fully loaded, package information was loaded from the local cache and may be out of date

On the mac with XAMPP:
cd /Applications/XAMPP/xamppfiles/share/openssl
sudo curl -O -k http://curl.haxx.se/ca/cacert.pem
sudo mv cacert.pem cert.pem
Stop and Restart Apache

First: Check certificate file location which will be in default_cert_file key, you will found it in openssl_get_cert_locations() its a php openssl function. You can run it as follows:
$ php -r "print_r(openssl_get_cert_locations());"
Output in my system
Array
(
[default_cert_file] => /opt/lampp/share/openssl/cert.pem
[default_cert_file_env] => SSL_CERT_FILE
[default_cert_dir] => /opt/lampp/share/openssl/certs
[default_cert_dir_env] => SSL_CERT_DIR
[default_private_dir] => /opt/lampp/share/openssl/private
[default_default_cert_area] => /opt/lampp/share/openssl
[ini_cafile] =>
[ini_capath] =>
)
Second: Download http://curl.haxx.se/ca/cacert.pem:
$ wget http://curl.haxx.se/ca/cacert.pem
Third: Copy certificate.pem file into default_cert_file location:
$ sudo mv cacert.pem /opt/lampp/share/openssl/cert.pem
** FROM https://github.com/composer/composer/issues/3346 **

I would like to add a simple answer.
Your problem: The composer is unable to download dependency files due to an incorrect certificate, either it is corrupt, incorrect, or not in place at all.
Your potential easiest solution: Download a new certificate and tell Composer to use the new one.
Step 1: Get CA Certificate from https://curl.se/docs/caextract.html
Step 2: Use the following command to use new certificate
composer config --global cafile "<file_path_including_cacert.pem"

For us, this issue only seemed to affect one of our private repositories. It may have had something to do with certs or a corporate firewall, but it seemed intermittent so we weren't able to confirm before we found a different fix.
Inside composer.json, we changed the repository URL from the https to the ssh variant and added the "no-api": trueoption:
"repositories": [
{
"type": "vcs",
"url": "git#github.com:our-user/our-repo.git",
"no-api": true
}
]
With that edit, composer update/install operations were able to complete successfully.

Simply add this configuration to your composer.json file.
"config": {
"secure-http": false
}
Here is an full example of a working composer.json file
"repositories": [{
"type": "composer",
"url": "http://packagist.org"
}],
"require": {
"phpmailer/phpmailer": "^6.0"
},
"config": {
"secure-http": false
}
}
```

Issues with composer.phar with nss and api.github.com

I am attempting to use composer.phar on a server with RHEL6.
Installation details:
curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
PHP 5.4.16 Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
My composer.json looks like this:
{
"name" : "zendframework/skeleton-application",
"description" : "Skeleton Application for ZF2",
"keywords" : [
"framework",
"zf2"
],
"homepage" : "https://something.com/",
"require" : {
"php" : ">=5.3.3",
"zendframework/zendframework" : "2.*"
}
}
Running php composer.phar update results in:
Loading composer repositories with package information
Updating dependencies (including require-dev)
- Installing zendframework/zendframework (2.2.5)
Downloading: 100%
Downloading: 100%
Downloading: 100%
[Composer\Downloader\TransportException]
The "https://api.github.com/repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202" file could not be downloaded: SSL: Connection reset by peer
Failed to enable crypto
failed to open stream: operation failed
Next step was to attempt curl:
$ curl -vvv "https://api.github.com/repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202"
* About to connect() to api.github.com port 443 (#0)
* Trying 192.30.252.139... connected
* Connected to api.github.com (192.30.252.139) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -5961
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error
Forcing SSLV3 works:
curl -3 -vvv "https://api.github.com/repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202"
* About to connect() to api.github.com port 443 (#0)
* Trying 192.30.252.138... connected
* Connected to api.github.com (192.30.252.138) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using SSL_RSA_WITH_RC4_128_SHA
* Server certificate:
* subject: CN=*.github.com,O="GitHub, Inc.",L=San Francisco,ST=California,C=US
* start date: Apr 30 00:00:00 2012 GMT
* expire date: Jul 09 12:00:00 2014 GMT
* common name: *.github.com
* issuer: CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US
> GET /repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202 HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: api.github.com
Has anyone encountered this issue with composer.phar, and overcome it (and will share his/her solution :-) )? I know composer uses PHP's file_get_contents().

Not the best solution, but for the sake of time, I worked around the problem. I took the URL from the error output:
https://api.github.com/repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202
I plugged it into a browser on my Windows-based workstation. On the RHEL6 box, in the home directory of the user that is using composer, there is a .composer directory. I placed the downloaded zip file in this directory:
/home/composeruser/.composer/cache/files/zendframework/zendframework
I then had to rename the zip file to what was called for in the url (adding the zip extension):
/home/composeruser/.composer/cache/files/zendframework/zendframework/4a7cf6a4cf791244e14aa0ca49d1f06916b63202.zip
The next time composer was run, it used the cached file, and moved on. If anyone comes up with a way to avoid pre-caching the files on a RHEL6 box with NSS, let me know.