• Register
0 votes
423 views

Problem :

I have upgraded to PHP 5.6 I am getting an error as follows whenever I am trying to connect to the server via fsockopen().

The certificate on the server or host is self signed.

PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

My code as below

if($fp = fsockopen($host, $port, $errno, $errstr, 20)){
    $this->request = 'POST '.substr($this->url, strlen($this->host)).' HTTP/1.1'.$crlf
        .'Host: '.$this->host.$crlf
        .'Content-Length: '.$content_length.$crlf
        .'Connection: Close'.$crlf.$crlf
        .$body;
    fwrite($fp, $this->request);
    while($line = fgets($fp)){
        if($line !== false){
            $this->response .= $line;
        }
    }
    fclose($fp);
}

Have tried following

# cd /etc/ssl/certs/
# wget http://curl.haxx.se/ca/cacert.pem

The php.ini

openssl.cafile = "/etc/ssl/certs/cacert.pem"

But the script is still failing to work as expected.

6 5 3
7,540 points

Please log in or register to answer this question.

1 Answer

0 votes

Solution :

I was on my CentOS 7 and my php installation was pointing to the certificate that was generated by using update-ca-trust. And the symlink was /etc/pki/tls/cert.pem and was pointing to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem. This was just my test server and I wanted my self signed cert to work properly. So in my case as follows

# My root ca-trust folder was on below path and. I copied the .crt file to this location
# and also renamed it to a .pem
/etc/pki/ca-trust/source/anchors/self-signed-cert.pem
# After that run following command and it should regenerate the certs for you and
#will include your selfsigned cert file.also
update-ca-trust

After doing this some of my api calls started working as my cert was now trusted. After that I just ran the following command man update-ca-trust .

9 7 4
38,600 points

Related questions

1 vote
1 answer 294 views
294 views
Problem : I am very new to wget. Currently I want to wget to my current box but I am facing below error: wget http://example.com --2013-03-01 15:03:30--  http://example.com/ Resolving example.com... 172.20.0.224 Connecting to example.com|172.20.0.224|:80... ... it and tried to find solution on it. But unable to do so as I am very new to wget. I need expert help to fix by above wget error.
asked Apr 16, 2020 stewart 4k points
0 votes
1 answer 30 views
30 views
Problem: How to I Solve this: openssl: error:140ab18e:ssl routines:ssl_ctx_use_certificate:ca md too weak HELP! I need help understanding this: openssl: error:140ab18e:ssl routines:ssl_ctx_use_certificate:ca md too weak Can someone please help solve this, I am new in python(). Someone have idea to solve this thanks!
asked Mar 6 Mashhoodch 13k points
0 votes
1 answer 29 views
29 views
Problem: On a router with merlin firmware, I installed entware and python, after I ran speedtest python script. It shows error: python2.7# speedtest Retrieving speedtest.net configuration... Cannot retrieve speedtest configuration ERROR: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)>
asked Jan 23 Mashhoodch 13k points
0 votes
1 answer 34 views
34 views
Problem: unable to load config info from /usr/local/ssl/openssl.cnf
asked Feb 20 charles mathews 5.5k points
0 votes
1 answer 4 views
4 views
Problem: I have a large number of file download links in a txt file. I am trying to write a python script to download all the files at once, but I end up with the following error: SSLError: [Errno 1] _ssl.c:499: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
asked Mar 23 ummesalma 25.2k points
0 votes
1 answer 10 views
10 views
Problem: how to I Solve this: error: fatal error: 'openssl/opensslv.h' file not found HELP! I need help understanding this: fatal error: 'openssl/opensslv.h' file not found Can someone please help solve this, I am new in python(). Someone have idea to solve this thanks!
asked Mar 11 Mashhoodch 13k points
0 votes
1 answer 27 views
27 views
Problem: fatal error: openssl/opensslv.h: no such file or directory
asked Feb 18 charles mathews 5.5k points
0 votes
1 answer 3 views
3 views
Problrem: how to install ssl certificate in tomcat 7
asked Apr 6 Ifra 24.4k points
0 votes
2 answers 1.5K views
1.5K views
Problem: I am attempting to download records from a https webpage and continue getting the accompanying error: OpenSSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure Unable to establish SSL connection. From perusing sites online I assemble I need to give ... alternative however that didn't work. wget version: wget-1.13.4 openssl version: OpenSSL 1.0.1f 6 Jan 2014
asked Nov 30, 2019 alecxe 7.5k points
0 votes
1 answer 2 views
2 views
Problem: I am stuck with this ... Please help me that how to deal with this?unable to load private key openssl pkcs12
asked 4 days ago ashik 12.8k points