I'm trying to get composer to work on a remote Windows-machine which is using a proxy, but I always get this error when doing a composer install/update:
[Composer\Downloader\TransportException] curl error 60 while
downloading https://flex.symfony.com/versions.json: SSL certificate
problem: unable to get local issuer certificate
This is my composer.bat:
#echo OFF
:: in case DelayedExpansion is on and a path contains !
setlocal DISABLEDELAYEDEXPANSION
set HTTP_PROXY=<proxyurl>
php "%~dp0composer.phar" %*
Obviously setting the proxy is needed, if I delete the line, the error becomes this:
[Composer\Downloader\TransportException] curl error 28 while
downloading https://flex.symfony.com/versions.json: Operation timed
out after 10000 milliseconds with 0 out of 0 bytes received
composer diag gives me this (with the proxy set):
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking HTTP proxy: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version: OK
Composer version: 2.0.9
PHP version: 7.4.7
PHP binary path: C:\Program Files\PHP\current\php.exe
OpenSSL version: OpenSSL 1.1.1g 21 Apr 2020
cURL version: 7.69.1 libz 1.2.11 ssl OpenSSL/1.1.1g
zip: extension present, unzip not available
I've been through a lot of posts and tutorials, but none of the answers work for me. (Some are just about curl and it's options to switch off the cert-check but that doesn't work for composer). Here's what I have tried:
Downloaded cacert.pem from http://curl.haxx.se/ca/cacert.pem or https://curl.se/docs/caextract.html (no copy&paste as some said editing the file would corrupt it - however that's supposed to happen)
saved the file locally
activated openssl in php.ini
edited php.ini and added the path of the cert-file for "curl.cainfo" as well as "openssl.cafile" (according to some posts that makes a difference, so I tried both), used the full path and quotes, like this: curl.cainfo="C:\Program Files\PHP\cacert.pem"
moved the pem-file to different directories to make sure no Windows-permissions would make it inaccessible (I also set the file and it's directory to be accessible by all users just to make sure)
used php -r "print_r(openssl_get_cert_locations());" to find out the default certfile-location (it's "C:\Program Files\Common Files\SSL"), also saved the cert-file there
All of this did not work, the error remains the same.
Then I found a post which set a repository in composer.json and explicitely set the certfile for that repo, so I also tried it and added this to my composer.json:
{
"repositories": [{
"type": "composer",
"url": "https://flex.symfony.com",
"options" : {
"ssl" : {
"cafile" : "cacert.pem"
}
}
}]
}
The file "cacert.pem" is in the same directory as my composer.json, now the error is this:
[Composer\Downloader\TransportException] The
"https://flex.symfony.com/packages.json" file could not be downloaded
(HTTP/2 404 )
which is not that surprising, as trying to access "https://flex.symfony.com/packages.json" via a browser also gives me a 404. (Don't know if it makes a difference that all at a sudden "packages.json" couldn't be loaded while the cert-error complained about "versions.json", have no idea which is loaded first and if this error is a "good" sign.)
This trial-and-error journey has been going on for days, I'm out of ideas, so any help is appreciated!
i have no idea if your problem is the same as the problem i just got. but i solved it by executing this in cmd:
composer config -g -- disable-tls false
i'm using wamp anyway.
Further research led me to the proxy, which is ZScaler, being the problem. As stated in this post, ZScaler intercepts SSL traffic and re-encrypts it with its own certificate which is not trusted, so Composer (or any other program accessing sites via https) will complain with the above error that it's "unable to get local issuer certificate".
So the solution must be to get the "ZScaler Intermediate Root CA" to be trusted on the server. (Which I can't do myself due to company policy, but anyone looking for a solution to the above problem probably has another hint now what to do.)
after using the composer config -g secure-http false and clear my composer cache using composer clearcache solved my problem, with WAMP server.
If you use a symfony/flex older than 1.17.1:
composer show symfony/flex
then you need to update it with:
composer update symfony/flex --no-plugins --no-scripts
Source
Linux
(Paths in this guide will assume a default Linux installation on Ubuntu 18.04 LTS, but it will be similar for other distros.)
Download the latest CA bundle extract from curl.se
wget https://curl.se/ca/cacert.pem -O /etc/ssl/certs/cacert.pem --no-check-certificate
Edit your php.ini file.
For Ubuntu 18.04, there are 2 php.ini files which need to be modified in the following locations:
/etc/php//cli/php.ini
/etc/php//fpm/php.ini
Replace the with the version of PHP you’re using, so for PHP 7.4, the path will be /etc/php/7.4/…
In these files, you need to either modify or add the curl.cainfo and openssl.cafile parameters with the path to the new CA bundle:
[curl]
curl.cainfo = /etc/ssl/certs/cacert.pem
[openssl]
openssl.cafile = /etc/ssl/certs/cacert.pem
(only add the parameter if it does not already exist in your php.ini file. Duplicate parameters can prevent PHP from running correctly)
Restart your php-fpm to load the new settings.
systemctl restart php-fpm
Replace the with the version of PHP you’re using, so for PHP 7.4, the command will be systemctl restart php7.4-fpm
DONE!
source: (https://support.deskpro.com/is/kb/articles/how-to-update-curl-trusted-root-certificates)
Yes sometime the issue encounter if system is not connected to Zscaler which is installed by company for security. Connect with Zscaler and re run the command. The issue will get resolved.
https://asset-packagist.org could not be fully loaded (curl error 60
while downloading https://asset-packagist.org/packages.json: SSL
certificate problem: certificate has expired), package information was
loaded from the local cache and may be out of date
I am facing this Issue while composer install on Yii2 Project Operating System Windows and Wamp
I update the Certificate using this Video SSL certificate on Wamp
Still facing same issue at last I update the composer using command composer self-update Everything works fine I update composer version from 2.1.8 to 2.2.7
Update keys using:
composer self-update --update-keys
Then follow the instructions (copy and paste the key from https://composer.github.io/pubkeys.html)
Even this an old question and has many answers I found myself that none of them worked for me. In my case I've a local development environment using Docker, so using some sort of OS-hack would not work since is not persistent and furthermost cannot be passed down to any of my teammates (yes I know I could have my own image but does not worth the effort). The issue was raised while using the assets-packagist repository.
I solve this using this post, and for that I downloaded the cacert.pem at my project root dir and bound it to my container and set the repository as follows:
"assets": {
"type": "composer",
"url": "https://asset-packagist.org",
"options": {
"ssl": {
"verify_peer": true,
"allow_self_signed": true,
"cafile": "/var/www/html/cacert.pem"
}
}
}
This way any composer command work and trust in the registry certificate.
It seems you made the mistake of going on the wrong path
If you are using PHP version php7.4.21
CORRECT : Applications/MAMP/bin/php/php7.4.21
WRONG : Applications/MAMP/config/php7.4.21
I'm using Ubuntu 16.04 and trying to install Laravel (any version). Actually I cloned from GitHub the Laravel project (https://github.com/laravel/laravel) After cloning I'm running the command as below:
root:/var/www/html/laravel$ composer install
Loading composer repositories with package information
Updating dependencies (including require-dev)
Authentication required (packagist.org):
Username:
This is the issue I'm facing, I don't know what username I have to give, and why its asking authentication.. And if I run composer diagnose I get this output:
composer diagnose
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: Authentication required (packagist.org):
Username:
Any suggestions or can anyone tell what was I'm missing here?
run composer config --global repo.packagist composer https://packagist.org and then try again. This should prevent it from using http protocol and force https which might fix it in case you have a bad proxy in the way.
In my case, solved the issue as below:
$ composer diagnose
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking pubkeys: FAIL
Missing pubkey for tags verification
Missing pubkey for dev verification
Run composer self-update --update-keys to set them up
Checking composer version: WARNING
You are not running the latest stable version, run `composer self-update` to update (1.6.3 => 1.7.2)
Composer version: 1.6.3
PHP version: 7.2.8
PHP binary path: /usr/local/Cellar/php/7.2.8/bin/php
The I ran
$ composer self-update --update-keys
Open https://composer.github.io/pubkeys.html to find the latest keys
Enter Dev / Snapshot Public Key (including lines with -----):
[copy and paste the dev pub key]
Enter Tags Public Key (including lines with -----):
[copy and paste the tags pub key]
Then again, I ran
$ composer self-update
However, during installing the package, it still shows:
Authentication required (repo.packagist.org):
Username:
After providing my username and password for my packagist.org account and having my credential stored in /Users/xxx/.composer/auth.json, the issue was resolved.
Try running this composer config --global repo.packagist composer https://packagist.org first on your CLI
I am getting a TransportException when I run composer update on Ubuntu using a fresh install of Laravel Forge.
forge#trust-dale-production-V2:~/default$ composer update
> php artisan clear-compiled
Loading composer repositories with package information
[Composer\Downloader\TransportException]
The "https://api.github.com/repos/amcardwell/trust-dale" file could not be downloaded (HTTP/1.1 404 Not Found)
I am able to run a composer install... and I can use git connect to my git repo and push/pull. Here is an output of composer diag:
forge#trust-dale-production-V2:~/default$ composer diag
Checking composer.json: WARNING
require.yangqi/htmldom : unbound version constraints (dev-master) should be avoided
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking pubkeys: FAIL
Missing pubkey for tags verification
Missing pubkey for dev verification
Run composer self-update --update-keys to set them up
Checking composer version: OK
Why am I getting this error?
I figured it out. I didnt have a github oauth token linked yet. Thanks :)
I'm using win7x64.
I can install laravel using composer when I'm not behind proxy, but when I'm behind proxy I cannot install anything using composer.
I tried install laravel/socialite I receive error:
The
"http://packagist.org/p/provider-2013$64cefc090dc586bcea264a3e17529dfa29b16b
2bf50c52626562f13772982949.json" file could not be downloaded: failed
to open st ream: HTTP request failed! http://packagist.org could not
be fully loaded, package information was loaded f rom the local cache
and may be out of date
[Composer\Downloader\TransportException] The
"http://packagist.org/p/laravel/socialite$d9a828b00026fe40a14532c7f93e7
adc78725a74da02a035cd267618876c312a.json" file could not be
downloaded: fai led to open stream: HTTP request failed!
require [--dev] [--prefer-source] [--prefer-dist] [--no-progress]
[--no-update] [--update-no-dev] [--update-with-dependencies]
[--ignore-platform-reqs] [--sort- packages] [packages1] ...
[packagesN]
I have http_proxy and https_proxy env setup.
composer selfupdate is working
but
composer update is not working
Loading composer repositories with package information Updating
dependencies (including require-dev) The
"http://packagist.org/p/provider-2013$64cefc090dc586bcea264a3e17529dfa29b16b
2bf50c52626562f13772982949.json" file could not be downloaded: failed
to open st ream: HTTP request failed! http://packagist.org could not
be fully loaded, package information was loaded f rom the local cache
and may be out of date Nothing to install or update Generating
autoload files Generating optimized class loader
other cli (eg. gem) is working
I have tried
this solution
but it still not working
Here are the composer diag stat:
Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: FAIL
[Composer\Downloader\TransportException] The "http://packagist.org/packages.json
" file could not be downloaded: failed to open stream: HTTP request failed!
Checking https connectivity to packagist: OK
Checking HTTP proxy: OK
Checking HTTP proxy support for request_fulluri: FAIL
Unable to assess the situation, maybe packagist.org is down (The "http://packagi
st.org/packages.json" file could not be downloaded: failed to open stream: HTTP
request failed! )
Checking HTTPS proxy support for request_fulluri: OK
Checking github.com rate limit: OK
Checking disk free space: OK
Checking composer version: OK
Is there any setup I missed?
I add this to composer.json
"repositories": [
{
"packagist": false
},
{
"type": "composer",
"url": "https://packagist.org/"
}
],
This solution is from:
https://github.com/composer/composer/issues/1992
I am having issues installing laravel. I have followed the first two methods, (composer global require "laravel/installer=~1.1") and (composer create-project laravel/laravel --prefer-dist) on this site and they failed.
I guess upon looking through the forums i need to output my result for compose diag......
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity: OK
Checking HTTP proxy: OK
Checking HTTP proxy support for request_fulluri: FAIL
Unable to assert the situation, maybe packagist.org is down (The "http://packagist.org/packages.json" file could not be downloaded (HTTP/1.0 400 Bad Request))
Checking HTTPS proxy support for request_fulluri: OK
Checking disk free space: OK
Checking composer version: OK
I want to know why i cannot install laravel with these two methods.
I am using a proxy. Yes. But i don't know what reques_fulluri means and what it does.