I'm trying to connect testlink with JIRA but I'm having problems with the JIRA certificate. I configure testlink to connect to JIRA but this error appear:
SoapClient::__doRequest(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed - in /opt/testlink-1.9.14-2/apps/testlink/htdocs/lib/issuetrackerintegration/jirasoapInterface.class.php - Line 197
I don't know anything about PHP but I need this application to manage test plans. testlink are deployed at httpd2.
At java the certificate from JIRA has to be added to the jdk cacerts, but in php where?
Related
I have an instance of a php site that requires a script running behind an https link on the intranet for my company. The https link is using a self-signed cert. I have tried updating the cacert.pem to allow it but I still get the following:
Warning: require(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
If I were using cURL I would just bypass the ssl on this request but with require I cannot.
Any ideas?
I tried to install Composer on a fresh newly installed Windows 10 Pro build 1809 and I got this error message.
The Composer installer script was not successful [exit code 1].
OpenSSL failed with a 'certificate verify failed' error. This
indicates a problem with the Certificate Authority file(s) on your
system, which may be out of date.
Certificate location [from openssl.cafile ini setting]:
D:\xampp\apache\bin\curl-ca-bundle.crt
The php.ini used by your command-line PHP is: D:\xampp\php\php.ini
Script Output:
The "https://getcomposer.org/versions" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
I've tried to replace the "curl-ca-bundle.crt" with "cacert.pem" from http://curl.haxx.se/ca/cacert or with "ca-bundle.crt" but it's nothing, the error messages still happened.
Can anyone help me to fix this problem?
Finally, I solved this problem. Because my company's blocked something on the network. Then I try to switched to the other network, then It's succuessfully installed!
I was trying to develop a twitter streaming application on my AWS EC2 machine. The OS platform is Ubuntu 16.04.1 LTS and I have downgraded the PHP version to 5.6.28-1+deb.sury.org~xenial+1
When I run the twitter streaming application on this server, I am getting the following errors.
Warning: fsockopen(): Peer certificate CN=`stream.twitter.com' did not match expected CN=`199.16.156.217' in /var/www/html/myapp/streamer/twitterstreamer.php on line 620
Warning: fsockopen(): Failed to enable crypto in /var/www/html/myapp/streamer/twitterstreamer.php on line 620
Warning: fsockopen(): unable to connect to ssl://199.16.156.217:443 (Unknown error) in /var/www/html/myapp/streamer/twitterstreamer.php on line 620
The same code is running without any issues in another two machines (one is AWS EC2 and the another is a godaddy server).
All the ports in the current EC2 machine is open now and the SSL version is OpenSSL/1.0.2g the openssl section is having the following value.
openssl section - phpinfo
Can someone help me to find where the exact issue is ?
The issue is resolved with the clue fro the first error.
Warning: fsockopen(): Peer certificate CN='stream.twitter.com' did not match expected CN='199.16.156.217' in /var/www/html/myapp/streamer/twitterstreamer.php on line 620
In PHP 5.6.x, the value of openssl VERIFY_PEER is true by default. The system will first fetch the certificate from the peer and matches with ours. In my application, I was connecting with the IP and the URL in the fetched certificate is stream.twitter.com. This was the issue.
Changing IP in the fsockopen to stream.twitter.com solved my issue.
PHP versions prior to 5.6, the default value of VERIFY_PEER is false and this is why the same code running on my other instances.
While attempting to clean up our project dependencies, composer is failing with the errors:
The "https://packagist.drupal-composer.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
https://packagist.drupal-composer.org could not be fully loaded, package information was loaded from the local cache and may be out of date
This is happening on a vagrant CentOS 7 box.
I found one answer that recommended to download the Mozilla CA certificate store and ensuring that openssl.cafile is set in php.ini but that didn't work for me.
I ran wget -v https://packagist.drupal-composer.org/packages.json to see what it returned from both my local machine (it worked correctly) and the vagrant box. The output on the vagrant box was:
--2016-04-24 09:08:30-- https://packagist.drupal-composer.org/packages.json
Resolving packagist.drupal-composer.org... 147.75.205.69
Connecting to packagist.drupal-composer.org|147.75.205.69|:443... connected.
ERROR: cannot verify packagist.drupal-composer.org's certificate, issued by "/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3":
Issued certificate not yet valid.
To connect to packagist.drupal-composer.org insecurely, use '--no-check-certificate'.
It seemed strange to me that the certificate was coming back as not yet valid, until I realized that the date in the output was off by 2 days (today is 04-26, not 04-24). After fixing the system clock I retried and was able to download all the dependencies.
I am trying to implement a PHP SOAP based web service into my web application. I am getting a series of errors which seem to point to a conflict of libraries with regard to OpenSSL (or Curl, etc.), this I have understood by searching the internet for similar errors, but thought a general consensus that libraries are the issue, there is no solution that I can find.
Warning (2): SoapClient::__doRequest() [soapclient.--dorequest]: SSL operation failed with code 1. OpenSSL Error messages:
error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message [CORE/vendors/Startrack/WSSecurity.php, line 110]
Warning (2): SoapClient::__doRequest() [soapclient.--dorequest]: Failed to enable crypto [CORE/vendors/Startrack/WSSecurity.php, line 110]
Warning (2): SoapClient::__doRequest() [soapclient.--dorequest]: connect() failed: Unspecified error [CORE/vendors/Startrack/WSSecurity.php, line 110]
Notice (8): Undefined property: SoapFault::$detail [APP/controllers/startrack_controller.php, line 38]
Notice (8): Trying to get property of non-object [APP/controllers/startrack_controller.php, line 38]
Could not connect to host
This is being served from a Mac OSX Lion server. PHP 5.3.3 is installed, and the extensions for OpenSSL, Curl and SOAP are enabled. This is being built within CakePHP which explains the syntax of the error messages above. I am using a PHP Web Service bundle already provided. The above works when hosted via MAMP, but I am hoping to not have to rely on MAMP.
The only incompatibility I can find is between the OpenSSL headers and library versions, but from what I know this ought not be a problem?
OpenSSL Library Version OpenSSL 0.9.8r 8 Feb 2011
OpenSSL Header Version OpenSSL 0.9.8l 5 Nov 2009
I am trying to understand if the assumed 'conflict' is between my server and the remote server? The WSDL file is included in the Web Service API, as they hope to avoid any issues, and it works through a MAMP install on the same computer. So I think it is a setup issue between Apache/PHP and Curl/OpenSSL.
Any pointers to how to establish the actual issue, and rectify it would be appreciated.
This could be because you are trying to connect with an SSL 3 enabled server, that may (?) have SSL 2 disabled.
Try connecting to the server like this on the command line:
openssl s_client -connect {SERVER NAME OR IP}:443 -state
If that does not work, then try connecting like this:
openssl s_client -ssl3 -connect {SERVER NAME OR IP}:443 -state
If that does work, then try creating a wrapper class, similar to this one found in the PHP documentation.
You should add a line similar to:
curl_setopt($handle, CURLOPT_SSLVERSION, 3);
inside the callCurl function to force SOAP to connect over version three of ssl.