Php error failed to enable crypto

OpenSSL Failed to enable crypto #6870

Comments

Please, help. I cannot install my dependencies.
WampServer Version 3.0.6 64bit
Apache 2.4.23 — PHP 5.6.25 — MySQL 5.7.14
PHP 5.6.25 for CLI (Command-Line Interface)

Output of composer diagnose :

When I run this command:

I get the following output:

The text was updated successfully, but these errors were encountered:

This has to do with the certificate file used by your installation of PHP not containing the required certificate to verify github.com. Get an up-to-date list of certificates (from http://curl.haxx.se/ca/cacert.pem for instance), update your PHP configuration to use this certificate and your issue should be resolved.

It seems that problem solved itself. I didn’t change anything, except restarting WAMP. And certificate path looks the same.

I didn’t found where I can change default_cert_file path, but it’s obviously WAMP or even php_openssl extension problem, not yours.
It would be very helpfull to see absolute path to cert file when error:14090086:SSL occures. Right now you don’t know which one cert file is broken and WAMP server contains a lot of cert files and configs.

And the problem comes back with another package.

I’ve tried already:

  • Both php5.6.25 and php7.0.10
  • Download certificate from http://curl.haxx.se/ca/cacert.pem
  • Different certificates and configs from openssl_get_cert_locations()
  • WAMP restarting many many times
  • PC reboot

Any workaround maybe?
I cannot install from dist because of SSL problem. Meanwhile I can install from source most of packages which is slow, annoying but I can live with that. But now I’m facing package which I cannot install neither from dist nor from source.

I did try to download package manually and unzip it to vendor/squizlabs/php_codesniffer , but every composer install script erases this folder and tries to download it again without success.

Please, help me to unzip package manually, because it seems to me that issue with SSL will never be solved.

It’s embarassing, but it’s not completely my fault.

Finally, I’ve spotted weird DNS settings of my internet connection.
As it turns out it was Mail.ru Trojan or something.
This malicous script changes preferred and alternate DNS servers.
When you’re trying to download any zip, exe or file without extension it swaps this file with zipped malicious exe file.

Dr. Web and Malwarebytes didn’t help, however.
After adjustment to correct DNS servers everything works perfect.

[Composer\Downloader\TransportException]
The «https://api.github.com/repos/ghunti/HighchartsPHP/zipball/548b321478510ec1559432a9baabbfba1a1e559a» file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed

Fixed by disable Kaspersky Antivirus

@mzf, thanks disabling KIS helped!

@mzf . 3 hours wasted doing all sorts of different things. I wish I found your post first! Thanks!

NOTE: Ran in this issue again on a different computer. This is what fixed it for me:
sudo apt-get install php-curl

I also disabled Kapersky, so it might be a combination of both.

Читайте также:  What is homestead exception

Ask you friends
Php : 7.2
Centos: 7.4
Composer: 1.6.5
Whether the certificate has been replaced, or it will prompt the verification to fail

@mzf More specifically, this issue is caused by Kaspersky AntiVirus scanning encrypted connections. This component can be disabled through Settings > Additional > Network > Do not scan encrypted connections .

@mzf Thank you. Working after disabling Kaspersky.

Thank you, it was Kaspersky issue, Lost two days..kah

WTF! Thankz @mzf you save us all! KIS was fu****g all =/

Here it is, I’m facing the same issue while requiring composer require drush/drush:8.x

PHP Warning: PHP Startup: Unable to load dynamic library ‘/usr/lib/php/20160303/geos.so’ — /usr/lib/php/20160303/geos.so: cannot open shared object file: No such file or directory in Unknown on line 0

[Composer\Downloader\TransportException] The «https://packagist.org/packages.json» file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed Failed to enable crypto failed to open stream: operation failed

Still wasting a lot of time on it. Any help?

@roslov Thanks! I was struggling with this for many hours. Disabling Kaspersky do the job.

Same error message(s) as the original issue from @ybelenko. Running a Red Hat 7 box behind a firewall with PHP 7.1.8 and Composer 1.7.2. Tried all the certificate adjustments, permissions, etc. In my case it was resolved by a firewall adjustment, adding the exception to our firewall and URL filtering blade.

F**k Kas. wast me a lot of times.

In my case, it was the CA Cert file that was the culprit

Open terminal and run php -r «var_dump(openssl_get_cert_locations());»

Note the location of default_cert_file . It might say \usr\local\ssl\cert.pem
Verify that that file exists. If not, download the cacert.pem file from https://curl.haxx.se/ca/cacert.pem and place it in somewhere preferably in /usr/local/ssl

You now have a file is usr/local/ssl/cacert.pem

Open your php.ini and add the location of the file openssl.cafile=cacert.pem

Run composer config —global cafile «/usr/local/ssl/cacert.pem»

@jgmuchiri Thanks! This fixed it for me.

In my case, it was the CA Cert file that was the culprit

Open terminal and run php -r «var_dump(openssl_get_cert_locations());»

Note the location of default_cert_file . It might say \usr\local\ssl\cert.pem
Verify that that file exists. If not, download the cacert.pem file from https://curl.haxx.se/ca/cacert.pem and place it in somewhere preferably in /usr/local/ssl

You now have a file is usr/local/ssl/cacert.pem

Open your php.ini and add the location of the file openssl.cafile=cacert.pem

Run composer config —global cafile «/usr/local/ssl/cacert.pem»

Thanks @jgmuchiri for pointing in the right direction.

If it’s of any use to others, I use valet+ 1.0.26, composer 1.8.4 OSX Movajes 10.14.3, php7.3 and simply specifying the cert composer looks for with:
composer config —global cafile «/usr/local/etc/openssl/cert.pem»

Fixed it for me.

In my case, it was the CA Cert file that was the culprit
Open terminal and run php -r «var_dump(openssl_get_cert_locations());»
Note the location of default_cert_file . It might say \usr\local\ssl\cert.pem
Verify that that file exists. If not, download the cacert.pem file from https://curl.haxx.se/ca/cacert.pem and place it in somewhere preferably in /usr/local/ssl
You now have a file is usr/local/ssl/cacert.pem
Open your php.ini and add the location of the file openssl.cafile=cacert.pem
Run composer config —global cafile «/usr/local/ssl/cacert.pem»

Thanks @jgmuchiri for pointing in the right direction.

Читайте также:  Gt 3100 samsung планшет прошивка

If it’s of any use to others, I use valet+ 1.0.26, composer 1.8.4 OSX Movajes 10.14.3, php7.3 and simply specifying the cert composer looks for with:
composer config —global cafile «/usr/local/etc/openssl/cert.pem»

This worked for me.

Same problem for me, with this config :

  • local windows with avast
  • VM with ubuntu trying to send mail
    Avast on my local was Stopping my VM from sending mails after I tried to switching date from GMT to UTC with : error:14090086:SSL

At the second I desactivated Avast on local, it worked !
Lost 4 hours on this problem, thank you avast.

Источник

PHP-fpm и HTTPS — крайне странное поведение

btsalex

Новичок

PHP-fpm и HTTPS — крайне странное поведение

Пытаюсь решить уже несколько дней проблему — не работает file_get_contents(«https://. «);
При этом с http работает прекрасно, а CURL работает без проблем и с http и с https

При попытке получить любую httpS страницу с помощью file_get_contents() получаю ошибки:
Warning: file_get_contents() [function.file-get-contents]: SSL: Unknown error: 0 in /www/1.php on line 8
Warning: file_get_contents() [function.file-get-contents]: Failed to enable crypto in /www/1.php on line 8
Warning: file_get_contents(https://money.yandex.ru) [function.file-get-contents]: failed to open stream: operation failed in /www/1.php on line 8

На сервере php-fpm 5.2.8 (OpenSSL/0.9.8j и mcrypt 2.5.8), nginx 0.6.32, ОС FreeBSD 7.0-RELEASE-p5

Самое интересное, как оно работает..

в 1.php — запрашиваю сайт с помощью file_get_content()
в 1curl.php — запрашиваю сайт с помощью CURL

после рестарта php:
1.php — вообще не работает (ошибки описаны выше — SSL: Unknown error: 0 и Failed to enable crypto)

далее, запускаю 1curl.php — все ок, CURL отрабатывает
после этого 1.php — работает Четко через 2 раза (прямо четко 2 попытки неудачные, 3яя — удачная. не зависит от времени между запросами!)

если после этого запустить 1curl.php еще раз, то 1.php — работает теперь Четко через 1 раз (прямо четко уже 2 попытки удачные, а 3яя — неудачная. не зависит от времени между запросами!) т.е. добавляется еще одна удачная попытка из 3ех

последующие запуски 1curl.php ситуацию не меняют

эксперимент показал, что такое поведение только в случае, если я запрашиваю CURL’ом любую https страницу, если запрашивать http, то 1.php как не работал, так и продложает не работать
такой вот бред

Поиск по-сути ничего не дал, разве что нашел близкую проблему в http://bugs.php.net/bug.php?id=44353 , но решения там нет

Тестил этот же код на нескольких других серверах, причем на одном установлено все практически 1 в 1 (тот же php-fpm, только версия FreeBSD чуть новее — 7.1-RELEASE-p2) — везде работает без проблем.

Источник

stream_socket_enable_crypto

(PHP 5 >= 5.1.0, PHP 7, PHP 8)

stream_socket_enable_crypto — Включает или отключает шифрование на уже подключённом сокете

Описание

Включает или отключает шифрование на потоке.

После настройки шифрования, криптография может быть включена или выключена динамически при помощи передачи значения true или false параметру enable .

Список параметров

Включить/отключить криптографию на потоке.

Включить шифрование на потоке. Допустимые методы

  • STREAM_CRYPTO_METHOD_SSLv2_CLIENT
  • STREAM_CRYPTO_METHOD_SSLv3_CLIENT
  • STREAM_CRYPTO_METHOD_SSLv23_CLIENT
  • STREAM_CRYPTO_METHOD_ANY_CLIENT
  • STREAM_CRYPTO_METHOD_TLS_CLIENT
  • STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT
  • STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT
  • STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
  • STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT (начиная с PHP 7.4.0)
  • STREAM_CRYPTO_METHOD_SSLv2_SERVER
  • STREAM_CRYPTO_METHOD_SSLv3_SERVER
  • STREAM_CRYPTO_METHOD_SSLv23_SERVER
  • STREAM_CRYPTO_METHOD_ANY_SERVER
  • STREAM_CRYPTO_METHOD_TLS_SERVER
  • STREAM_CRYPTO_METHOD_TLSv1_0_SERVER
  • STREAM_CRYPTO_METHOD_TLSv1_1_SERVER
  • STREAM_CRYPTO_METHOD_TLSv1_2_SERVER
  • STREAM_CRYPTO_METHOD_TLSv1_3_SERVER (начиная с PHP 7.4.0)

Если не указан, то будет использован параметр crypto_method из SSL контекста потока.

Использовать в потоке настройки из session_stream .

Читайте также:  Error cmake is required to build rugged

Возвращаемые значения

Возвращает true в случае успешного выполнения, false , если не удалось установить шифрование или 0 , если недостаточно данных и вы должны попытаться ещё раз (только для неблокирующих сокетов).

Список изменений

Версия Описание
8.0.0 session_stream теперь допускает значение null.

Примеры

Пример #1 Пример использования stream_socket_enable_crypto()

= stream_socket_client ( «tcp://myproto.example.com:31337» , $errno , $errstr , 30 );
if (! $fp ) <
die( «Не могу соединиться: $errstr ( $errno )» );
>

/* Включить шифрование для этапа входа в систему */
stream_socket_enable_crypto ( $fp , true , STREAM_CRYPTO_METHOD_SSLv23_CLIENT );
fwrite ( $fp , «USER бог\r\n» );
fwrite ( $fp , «PASS секрет\r\n» );

/* Отключить шифрование для всего остального */
stream_socket_enable_crypto ( $fp , false );

while ( $motd = fgets ( $fp )) <
echo $motd ;
>

Результатом выполнения данного примера будет что-то подобное:

Источник

Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed #2061

Comments

I followed instruction here , I have a successful result asking openssl to test the connection using CA cert. But I’m still receiving the issue.

2020-05-29 13:19:55 Connection: opening to smtp.gmail.com:587, timeout=300, options=array()
2020-05-29 13:19:55 Connection: opened
2020-05-29 13:19:55 SMTP INBOUND: «220-host.myhost.com ESMTP Exim 4.93 #2 Fri, 29 May 2020 15:19:55 +0200»
2020-05-29 13:19:55 SMTP INBOUND: «220-We do not authorize the use of this system to transport unsolicited,»
2020-05-29 13:19:55 SMTP INBOUND: «220 and/or bulk e-mail.»
2020-05-29 13:19:55 SERVER -> CLIENT: 220-host.myhost.com ESMTP Exim 4.93 #2 Fri, 29 May 2020 15:19:55 +0200 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.
2020-05-29 13:19:55 CLIENT -> SERVER: EHLO mydomain.com
2020-05-29 13:19:55 SMTP INBOUND: «250-host.myhost.com Hello mydomain.com [162.246.248.85]»
2020-05-29 13:19:55 SMTP INBOUND: «250-SIZE 52428800»
2020-05-29 13:19:55 SMTP INBOUND: «250-8BITMIME»
2020-05-29 13:19:55 SMTP INBOUND: «250-PIPELINING»
2020-05-29 13:19:55 SMTP INBOUND: «250-AUTH PLAIN LOGIN»
2020-05-29 13:19:55 SMTP INBOUND: «250-STARTTLS»
2020-05-29 13:19:55 SMTP INBOUND: «250 HELP»
2020-05-29 13:19:55 SERVER -> CLIENT: 250-host.myhost.com Hello mydomain.com [162.246.248.85]250-SIZE 52428800250-8BITMIME250-PIPELINING250-AUTH PLAIN LOGIN250-STARTTLS250 HELP
2020-05-29 13:19:55 CLIENT -> SERVER: STARTTLS
2020-05-29 13:19:55 SMTP INBOUND: «220 TLS go ahead»
2020-05-29 13:19:55 SERVER -> CLIENT: 220 TLS go ahead
2020-05-29 13:19:55 Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [/home/xxx/vendor/phpmailer/phpmailer/src/SMTP.php line 426]
SMTP Error: Could not connect to SMTP host.
2020-05-29 13:19:55 CLIENT -> SERVER: QUIT
2020-05-29 13:19:55
2020-05-29 13:19:55
2020-05-29 13:19:55
2020-05-29 13:19:55 SMTP INBOUND: «»
2020-05-29 13:19:55
2020-05-29 13:19:55
2020-05-29 13:19:55 Connection: closed
SMTP Error: Could not connect to SMTP host.

If I use
$mail->SMTPOptions = array(
‘ssl’ => array(
‘verify_peer’ => false,
‘verify_peer_name’ => false,
‘allow_self_signed’ => true
)
);

I receive
020-05-29 13:32:04 Auth method requested: UNSPECIFIED
2020-05-29 13:32:04 Auth methods available on the server: PLAIN,LOGIN
2020-05-29 13:32:04 Requested auth method not available:
2020-05-29 13:32:04 Auth method selected: LOGIN
2020-05-29 13:32:04 CLIENT -> SERVER: AUTH LOGIN
.
2020-05-29 13:32:06 SMTP INBOUND: «535 Incorrect authentication data»
2020-05-29 13:32:06 SERVER -> CLIENT: 535 Incorrect authentication data
2020-05-29 13:32:06 SMTP ERROR: Password command failed: 535 Incorrect authentication data
SMTP Error: Could not authenticate.

But I’m sure that user and password are correct!

How to sort this out?
I’m on PHP 7.3 on Centos 7

The text was updated successfully, but these errors were encountered:

Источник

Smartadm.ru
Adblock
detector