i try to include a file from a remote server. When i use normal ftp everything works well. when i try to use ftps ...
<?php
$erg = include("ftps://user:pw#ftp.doamin.de/files/toinclude.php");
?>
i got an error:
Warning: include(): SSL operation failed with code 1. OpenSSL Error messages: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure in /var/www/html/includetest.php on line 10
Warning: include(ftps://...#ftp.domain.de/files/toinclude.php): failed to open stream: Unable to activate SSL mode in /var/www/html/includetest.php on line 10
the ftpserver is able to work in "ftp over tls" mode when i use filezilla to connect.
on the webserver openssl is activated in this version: OpenSSL 1.0.1f 6 Jan 2014
i already searched the web and this site for quite a while but without any sucess.
lg grischan
Related
We run an apache2 server and want to use google recaptcha due to high volume of bots on our newsletter.
Therefore I implemented some lines of developers php-code which in general should work ... but not on my server.
I investigated further and found that the function file_get_contents() ends with an SSL error.
file_get_contents(self::SITE_VERIFY_URL, false, $context)
Below you can find an extract from the servers log file.
PHP Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
PHP Warning: file_get_contents(): Failed to enable crypto in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
PHP Warning: file_get_contents(https://www.google.com/recaptcha/api/siteverify): failed to open stream: operation failed in /var/www/html/app/lib/vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
This brought me to the conclusion that Openssl is misconfigured.
So I:
reinstalled ca-certificates with apt-get purge ca-certificate
Also downloaded the cacert.pem and linked it in the php.ini
checked if curl works properly, but it doesnt (every call of curl ends with curl: (60) SSL certificate problem: unable to get local issuer certificate
checked openssl.cnf which looks ok to me.
Any ideas how to solve this would be great.
So I found the problem:
First I changed the filepath according to the comment by drew010.
Then I fixed issues on my server with file permissions of /etc/ssl/certs according to this post: https://askubuntu.com/a/636979
Now file_get_contents does not invoke any errors and recaptcha runs smoothly.
I'm trying to connect to a FTPS Server with PHP 5.6.40 on Windows.
I know that I need to recompile PHP to include OpenSSL and FTP in the PHP bundle and that's what I did.
The ftp_ssl_connect function is here now but I get a SSL/TLS handshake error.
When I try to connect to a public FTPS Server, I encounter the following error:
Warning: ftp_login(): SSL/TLS handshake failed in D:\home\site\wwwroot\index.php on line 13
PHP Warning: ftp_login(): SSL/TLS handshake failed in D:\home\site\wwwroot\index.php on line 13 PHP Warning: ftp_login(): AUTH command ok. Expecting TLS Negotiation. in D:\home\site\wwwroot\index.php on line 13
Warning: ftp_login(): AUTH command ok. Expecting TLS Negotiation. in D:\home\site\wwwroot\index.php on line 13
This script runs great on PHP 5.6.40/Linux.
I tried too, to have the same result with cURL commands, It's great on Windows and Linux, but I would really like to use PHP's FTP commands.
Any idea ?
<?php
$ftpserver = "test.rebex.net";
$user = "demo";
$mdp = "password";
$connectionId = ftp_ssl_connect($ftpserver);
$login_result = ftp_login($connectionId, $user, $mdp);
ftp_pasv($connectionId, true);
$pasv_result = ftp_pasv($connectionId, true);
if ($pasv_result)
echo "ok";
else
echo "nok";
print_r( ftp_nlist($connectionId,'.'));
In the php.ini I have:
[openssl]
openssl.cafile= /etc/ssl/cert/mydomaincabundle.crt
this line allow email from PHP with SMTP to be sent from PHP es Wordpress or PHP application as i use mydomain.ext certificate.
Now that I need use composer I discovered this line generate SSL error when PHP app like composer try to download data. The error is:
file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
Now trying to download from source
If i remove the php.ini line
[openssl]
openssl.cafile= /etc/ssl/cert/mydomaincabundle.crt
this issue is solved but i start to see all PHP mail fail so applications like Wordpress etc are unable to send email.
How I can have mail working and also solve the PHP SSL issue?
If i remove the openssl line with the certificate email sent with SMTP SSL will fail.
Connection: opening to ssl://domain.it:465, timeout=300, options=array ()
Connection: Failed to connect to server. Error number 2. "Error notice: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Connection: Failed to connect to server. Error number 2. "Error notice: stream_socket_client(): Failed to enable crypto
Connection: Failed to connect to server. Error number 2. "Error notice: stream_socket_client(): unable to connect to ssl://domain.it:465 (Unknown error)
SMTP ERROR: Failed to connect to server: (0)
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Thank you.
Solved https://github.com/composer/composer/issues/7797#issuecomment-440680491
In centos the position seems to be little bit different How to add Certificate Authority in centos7?
I found it on etc/pki/ca-trust/extracted/openssl
This question already has answers here:
file_get_contents(): SSL operation failed with code 1, Failed to enable crypto
(21 answers)
How to set 'verify_peer_name=false' SSL context option via php.ini in PHP 5.6
(1 answer)
Closed 5 years ago.
file_get_contents(): SSL operation failed with code 1. And more
This answer is not working with me.I have already try it. I don't have "certificate verify failed" issue.
First all of I am new with server configuration.
My issue is when I am using local-machine in which OpenSSl and ssl certificate is not installed....then my code upload image successfully on Facebook Via using Facebook SDK for PHP.
But When I upload same code on Server where ssl enable and https working fine then my code showing me error :-
Warning: fopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
at ErrorHandler ->handleError ('2', 'fopen(): SSL operation failed with code 1. OpenSSL Error messages: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol', '/facebook/php-sdk-v4/src/Facebook/FileUpload/FacebookFile.php', '91', array())
I don't know what's going wrong. Is it any server configuration issue or anything else ?
My machine PHP version is:- PHP 5.5.9-1ubuntu4.20 (cli)
My server PHP version is :- PHP 5.6.11-1ubuntu3.4 (cli)
I am trying to read a remote website offering some JSON objects using file_get_contents. The connection should be encrypted so I try connecting using HTTPS.
<?php
$arrContextOptions=array(
"ssl"=>array(
"cafile" => "api.crt",
"verify_peer"=> true,
"verify_peer_name"=> true
),
);
$context = stream_context_create($arrContextOptions);
$jsonObjects = file_get_contents('https://example.com', false, $context);
?>
However, the connection fails with the following error:
PHP Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:
error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112) in api-read.php on line 13
PHP Warning: file_get_contents(): Failed to enable crypto in api-read.php on line 13
PHP Warning: file_get_contents(https://example.com): failed to open stream: operation failed in api-read.php on line 13
The sources I found so far mentioned different possible causes.
Using wrong protocol versions. AFAIK you can only disallow certain protocols using the cipher option. PHP should support SSLv2, SSLv3 and TLSv1.0, correct? I verified by using curl on the command line that the remote machine accepts connections using SSLv3.
CN mismatch The CN mentioned in the certificate is the IP address I am connecting to.
So far I could not solve the issue or find any helpful information. I am running out of ideas. Any suggestions?