• Register
0 votes
255 views

Problem :

I have upgraded to PHP 5.6 I am getting an error as follows whenever I am trying to connect to the server via fsockopen().

The certificate on the server or host is self signed.

PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

My code as below

if($fp = fsockopen($host, $port, $errno, $errstr, 20)){
    $this->request = 'POST '.substr($this->url, strlen($this->host)).' HTTP/1.1'.$crlf
        .'Host: '.$this->host.$crlf
        .'Content-Length: '.$content_length.$crlf
        .'Connection: Close'.$crlf.$crlf
        .$body;
    fwrite($fp, $this->request);
    while($line = fgets($fp)){
        if($line !== false){
            $this->response .= $line;
        }
    }
    fclose($fp);
}

Have tried following

# cd /etc/ssl/certs/
# wget http://curl.haxx.se/ca/cacert.pem

The php.ini

openssl.cafile = "/etc/ssl/certs/cacert.pem"

But the script is still failing to work as expected.

6 5 3
7,540 points

1 Answer

0 votes

Solution :

I was on my CentOS 7 and my php installation was pointing to the certificate that was generated by using update-ca-trust. And the symlink was /etc/pki/tls/cert.pem and was pointing to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem. This was just my test server and I wanted my self signed cert to work properly. So in my case as follows

# My root ca-trust folder was on below path and. I copied the .crt file to this location
# and also renamed it to a .pem
/etc/pki/ca-trust/source/anchors/self-signed-cert.pem
# After that run following command and it should regenerate the certs for you and
#will include your selfsigned cert file.also
update-ca-trust

After doing this some of my api calls started working as my cert was now trusted. After that I just ran the following command man update-ca-trust .

9 7 4
38,600 points

Related questions

1 vote
1 answer 46 views
46 views
Problem : I am very new to wget. Currently I want to wget to my current box but I am facing below error: wget http://example.com --2013-03-01 15:03:30--  http://example.com/ Resolving example.com... 172.20.0.224 Connecting to example.com|172.20.0.224|:80... ... it and tried to find solution on it. But unable to do so as I am very new to wget. I need expert help to fix by above wget error.
asked Apr 16 stewart 4k points
0 votes
2 answers 794 views
794 views
Problem: I am attempting to download records from a https webpage and continue getting the accompanying error: OpenSSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure Unable to establish SSL connection. From perusing sites online I assemble I need to give ... alternative however that didn't work. wget version: wget-1.13.4 openssl version: OpenSSL 1.0.1f 6 Jan 2014
asked Nov 30, 2019 alecxe 7.5k points
0 votes
1 answer 148 views
148 views
Problem : I am having trouble with my website. It has been slowed down a little in last couple of days. I have carefully looked into my error log & found a lots of following logs: [Sat Nov 30 00:09:53 2019] [error] [client 66.249.66.205] Request ... core.c(3126): [client 66.249.66.205] redirected from r->uri = /images/2019/02/600x376_0.076827001313237200_pixnaz_ir_1.jpg How to solve this issue?
asked Nov 30, 2019 alecxe 7.5k points
0 votes
1 answer 100 views
100 views
Problem : I have installed the fresh copy of the Centos 7. Then I just restarted Apache but my Apache failed to start. I am stuck with the bellow error from past 5 days. Even my support could not figure out the below error. sudo service httpd start Failed to ... could not bind to address 85.25.12.20:xx Jan 04 16:08:02 startdedicated.de httpd[5710]: no listening sockets available, shutting down
asked Jan 10 alecxe 7.5k points