Openssl php not working - php

I am trying to build a twitter feed to search for relevant hashtags and display them in my mobile app. I found a package at http://mlemos.users.phpclasses.org/package/8109-PHP-Generate-RSS-feeds-from-timelines-and-searches.html that seems to do the job. However, opensll isnt loading. i get Error: it was not possible to open the API call URL: establishing SSL connections requires the OpenSSL extension enabled. Now, i have used open ssl on this machine before, and phpinfo says it is enabled. i have checked my php.ini file to make sure the line is uncommented, as well as check my path variable. No success. Google has turned up nothing helpful. Any ideas? Thanks

Ended up using a twitAPI handler package

Related

Woocommerce Webshop on bitnami stack (ec2): SSL operation failed with code 1. OpenSSL Error messages: error:14090086

I simply can't find a solution to this. I migrated a Wordpress site with a woocommerce shop and payment gateway "Payunity" to a new EC2 machine with a bitnami wordpress stack.
I generated a Let's Encrypt SSL certificate and the entire site works as expected.
Only problem I have is that for some reason on the woocommerce checkout page I suddenly get this error message:
SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate
verify failed
I googled extensively and tried figuring this out but no chance.
Any idea what I have to set on the server to have this go away? I tried modifying the php.ini with the capath and cafile like some threads pointed out but no luck.
Any ideas?
Update: I now moved to Cloudflare as DNS Manager and have the "Full (strict) setting so that the Cloudflare SSL is the one in use. However still the same error, so I figure this has nothing todo with the original Let's Encrypt or now Cloudflare SSL Certificate.
I believe this error message is caused by CURL. According to the CURL FAQ (https://github.com/curl/curl/blob/master/docs/FAQ) section 4.12 (where exactly this error message is mentioned), "it means that curl couldn't verify that the server's certificate was good. Curl verifies the certificate using the CA cert bundle that comes with the curl installation." (vsince CURL 7.10).
As your CURL version is quite old (released on Oct 7, 2015), I would assume that one of the CA/root certificates it is using is too old. I would recommend updating CURL separately (e.g. using this guide: http://pavelpolyakov.com/2014/11/17/updating-php-curl-on-ubuntu/, depending on your OS).
Furthermore, you can check the openssl.cafile option in php.ini that should point to an absolute path containing a more or less recent CA bundle (e.g. "C:\xampp7.3\apache\bin\curl-ca-bundle.crt" for my XAMPP installation). You can try to extract the bundle from the XAMPP .zip (https://www.apachefriends.org/download.html) and replace the path in your php.ini and then restart the server.
In addition, you can check your php.ini if extension=php_openssl.* (extension e.g. dll for Windows) is uncommented, i.e. activated.
Maybe (and this is why I asked what should be shown normally at this place) a script inside the Payunity plugin is trying to fetch something from an URL with a broken certificate or something similar.
EDIT: As pointed out by Sebastian B., you can check the error.log (in case of Apache) for failed file_get_contents() (or similar) calls because the actual URL of the "file" the site PHP tried to fetch is mentioned there.
EDIT: CURL Perl script to create a fresh ca-bundle.crt file based on Mozilla's chain: https://github.com/curl/curl/blob/master/lib/mk-ca-bundle.pl You can try this (or extract one from a fresh CURL installation) and set this as a path in php.ini. Or you can use this from the Nextcloud project (https://github.com/nextcloud/server/blob/master/resources/config/ca-bundle.crt) or another one (just for testing purposes, of course).

Bolt Extension Repo Currently Unavailable

I am running Bolt CMS locally on my machine using XAMPP. I just upgraded to version 2.0.1 today and everything seems to be working great. The only issue I am having is installing extensions.
On the view/install extensions page, I am seeing this message:
The Bolt extensions Repo at https://extensions.bolt.cm/list.json is currently unavailable. Check your connection and try again shortly.
I do have an active internet connection and am not sure why I cannot connect to the repository from the extensions page. Any help would be appreciated!
Update
In the CommandRunner.php file's setup method, there is this line:
$json = json_decode((file_get_contents($this->packageRepo)));
The problem is coming from the file_get_contents($this->packageRepo) call
The error message being returned from that call is
file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Update 2
The issue is not related to bolt CMS but rather my XAMPP configuration. However, if someone else using bolt CMS locally with XAMPP has already tackled this issue, I would appreciate their input.
At this point, I have not been able to solve the SSL issue with my local server.
I did, however, find a solution that allows me to install bolt extensions.
The solution is to open up the config.yml file and add the following:
extensions:
site: 'http://extensions.bolt.cm/'
This will tell bolt to use the http URL rather than https. I would recommend using the secure URL in production, but this has allowed me to install extensions on my local server until I solve the underlying problem.
I found that the following fixed it correctly for me!
PHP cURL error code 60
From that post:
Use this certificate root certificate bundle:
https://curl.haxx.se/ca/cacert.pem
Copy this certificate bundle on your disk. And use this on php.ini
curl.cainfo = "path_to_cert\cacert.pem"

enable curl in xampp, windows

trying to enable curl in xampp 3.0.12 in windows environment.
Updated the php.ini in the php folder to enable curl, and there is no php.ini file in the apache/bin folder.
phpinfo() says:
loaded configuration file: C:\xampp\php\php.ini
curl support:enbaled
curl information: 7.24.0
and when i try to run a http_get() command php says:
Fatal error: Call to undefined function http_get()
Restarted both windows and xampp several times to update the changes.
Would be grateful for some advice, as I searched through similar topics on the web but can't get any further.
Note that the function http_get() belongs to the pecl http extension and not to the curl extension. Refer to the documentation of the curl extension to learn how you can use it to retrieve documents via http. You'll also find a lot of posts on stackoverflow
Also note, that the function file_get_contents() can be used to get documents over http in a very simple way. Although it is limited it will fit in much cases. To retrieve a page you can issue:
file_get_contents('http://www.server.com/page.html');

Unable to use PHP curl on amazon ec2 free tier

I am currently moving my web app to amazon ec2. Since it's only for testing, I use the free version called ec2 free tier with windows server 2008 instance. However, Although I have done all I know and read this thread ( How to enable cURL in PHP / XAMPP ). I just couldn't use curl on my php script. it always creates the error
Call to undefined function curl_init() in C:\xampp\htdocs\index.php on line 2
Here are all thing I have tried
Install Wamp ( I tried it on XAMPP to)
Uncomment out php_curl in php.ini file ( and restart apache)
Copy two dll files to both system32 and syswow64
Could it have to do with the fact that I am using free vps?
Update:
Also, when I started the apache server in XAMPP , this error appeared
'PHP Startup: unable to load dynamic library curl.dll'
However, I have double checked the ext directory and the php_curl.dll was in there.
i think curl need to access remote sever from our web server. so i opened all traffic in my server outbound rule and it works. i think this is not good solution. still look for better way.
nope.
be sure, that you have the files in the right place, usually its in the plugins folder for php! maybe you cann add a absolute path to your php.ini!
be sure, you edit the correct ini file!
php completly independent to your operatingsystem!
just be sure to doublecheck everything. because its not saying, it has trouble loading your extention, its just saying, the function your trying to call, is not there. so i assume your extention ist not loading at all! :)
One reason I did notice for this cURL plugin to malfunction was the availability of copies of libeay32.dll and ssleay32.dll files. Please check whether your system32 folder has such copies and if so, please rename them to some other names and copy the ones found with the php installation. Sometimes you may need to restart your machine. This was documented here some time ago.
I had a similar problem, but it occours just with requests under https. I tried to create a curl request directly from the ec2 machine and got a error: "curl: (77) error setting certificate verify locations".
It looks like some kind of ssl validation fail because of a certificate not found. So I used a parameter -k (or --insicure) in my curl command, to ignore this validation and after that my curls request did directly from ec2 machine worked.
So I tried to apply a similar ideia in my curl command in php, (I suppoused that the curl php extension forward this requests to the operation system) and I found this curl opt:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
After that it works to me.
Probably this isn't the best way to solve the problem, but solved my problem temporarelly.

Janrain's PHP-OpenID and Google/Yahoo

I'm using Janrain's PHP-OpenID 2.1.3, and I've managed to get it working with all the providers I have tried except for Google and Yahoo. The major difference here seems to be that Google and Yahoo, unlike most other providers, don't use a user-specific URL, but rather have the user discovery framework all on their end - which throws the default Janrain framework for a loop then it tries to begin the auth request.
From what I've seen it looks like it's probably the YADIS discovery that is throwing the error, which should be able to be bypassed since the discovery is on Google or Yahoo's end, but I'm not sure. This is all a big informal learning experience for me, and I haven't had any luck finding documentation that can help me on this one. Any tips would be greatly appreciated.
Edit: the specific problem I am having is that when the begin() function is called for the Google or Yahoo URL, I get a null return. This function is found in Auth/OpenID/Consumer.php for reference.
Ok, I finally got to fix the library... I explained everything here (you can also download the php-openid library after my changes).
I needed to do what Paul Tarjan suggested but, also, I needed to modify the Auth_OpenID_detectMathLibrary and add the static keyword to a lot of functions. After that It seems to work perfectly although it is not an ideal solution... I think that someone should rewrite the whole library in PHP 5...
I had the same problem on Windows XP. Fixed by activating curl extension. To do this uncomment in php.ini the line
extension=php_curl.dll
by removing the ; in front of it if any. Restart apache.
Also on windows to work properly you need to define Auth_OpenID_RAND_SOURCE as null since in windows you don't have a random source. You can do this by adding the line
define('Auth_OpenID_RAND_SOURCE', null);
in CryptUtil.php before the first code line
if(!defined('Auth_OpenID_RAND_SOURCE')){
Even if the curl is not enabled the API should work by using instead the Auth_Yadis_PlainHTTPFetcher to communicat via HTTP. In the case of Google and Yahoo you need https, so it only works if open_ssl is enabled (Auth_Yadis_PlainHTTPFetcher::supportsSSL must return true).
I had exactly the same problem and it took me nearly 2 hours to track the problem. Jan Rain's OpenId lib requires 'DOM or domxml PHP XML' (https://github.com/openid/php-openid) but it will fail silently when neither is available!
On my CentOS installation simple:
yum install php-xml
fixed the problem (I'm using this repo: http://blog.famillecollet.com/pages/Config-en).
Are you using the example RP? Can I suggest you submit a detailed bug at http://trac.openidenabled.com/trac/newticket?project=php-openid or a detailed enquiry via the mailing list.
The immediate_mode support indeed does work the libraries if implemented correctly. I (and others) would also be happy to help you on the OpenID IRC channel irc.reenode.net in #openid. My nickname is flaccid.
It's because you don't have curl support enabled enabled in php. Without this, it can't get https content. At least, that's what I discovered. When I tried to get yahoo or google, it failed with an error message "Authentication error; not a valid OpenID," but when I enable php_curl, it works properly.
Make sure your server has curl with https protocol enabled. This solved it for me.
see this thread.
Here is a quick script to test it out. Upload on your server then acccess it via your browser.
<?php
error_reporting(E_ALL);
// create curl resource
$myurl = 'https://<YOURACCOUNT>.myopenid.com';
$curl_handle=curl_init();
curl_setopt($curl_handle,CURLOPT_URL, $myurl);
curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1);
$buffer = curl_exec($curl_handle);
if (empty($buffer))
{
print "Sorry, cannot access $myurl .<p>". curl_error($curl_handle);
}
else
{
print $buffer;
}
curl_close($curl_handle);
?>
If it returns " Protocol https not supported or disabled in libcurl" then you know what to do.
I tried it using my gmail account and it works but it leads to a 301 permanent rediret, which makes sense.
Another potential difference is that Google and Yahoo use HTTPS and if your PHP or SSL installation is misconfigured (perhaps missing CA certs) then your OpenID code will fail to establish an association or complete the check_authentication call.
But without error messages or logs, I can't really tell what type of failure you're looking at.
A couple of years too late, but this might be relevant for users using Janrains PHP OpenID 2.2.2 library on a Windows platform. I'm still on PHP 5.2.17.
My simple test, just to make sure the library was contacting Google was to use the examples/discover.php program, and pass Googles OpenID URL (https://www.google.com/accounts/o8/id).
As per the instructions, the standard steps are to enable GMP (uncomment extension=php_gmp.dll) and CURL (uncomment extension=php_curl.dll). XML should already be enabled.
You may also need to extract the package in contrib/google and make sure google_discovery.php and ca-bundle.crt are in Auth/OpenID.
The extra paranoid could start with examples/detect.php, to make sure they have things set up correctly. It is expected you'd pass all the tests except the Cryptographic Randomness test. For this, you'll need to add
define('Auth_OpenID_RAND_SOURCE', null);
to the top of examples/detect.php. And while you're there, add that to examples/consumer/common.php (since examples/discover.php uses it).
Now, even after all this, discovery for the Google OpenID URL was failing. I was getting CURL error (60): SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in the php error log.
In the Windows environment, you need a definition for the CURLOPT_CAINFO. For my quick test, I added curl_setopt($c, CURLOPT_CAINFO, dirname(__FILE__)."/../OpenID/ca-bundle.crt"); before the curl_exec() statements in Auth/Yadis/ParanoidHTTPFetcher.php.
This allowed the examples/discover.php to discover the services offered by the Google URL.
As a longer term solution for setting CURLOPT_CAINFO in Windows, you might like to refer to this StackOverflow answer so you can add a setting to your php.ini.

Categories