Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EC2 Possible SSL Errors #1610

Closed
mtotheikle opened this issue Feb 22, 2013 · 8 comments
Closed

EC2 Possible SSL Errors #1610

mtotheikle opened this issue Feb 22, 2013 · 8 comments

Comments

@mtotheikle
Copy link

Running a update from an EC2 box I get the following:

The "https://packagist.org/packages.json" file could not be downloaded: SSL: crypto enabling timeout
Failed to enable crypto
failed to open stream: operation failed

[Composer\Downloader\TransportException]
The "https://packagist.org/packages.json" file could not be downloaded: SSL: crypto enabling timeout
Failed to enable crypto
failed to open stream: operation failed

Anyone else experiencing this? I have seen some bug reports about a possible OpenSSL bug, but nothing I have found so far has led to a fix. Could there be a config option to not use SSL for the package files?
@mtotheikle
Copy link
Author

Found fix for it by adding the following to the configuration file. Basically disabling the default packagist repository and using a non https version of it. There may be a better way todo this but it solves the problem.

    {
        "packagist": false
    },
    {
        "type": "composer",
        "url": "http://packagist.org",
        "options": {
            "ssl": {
                "verify_peer": "false"
            }
        }
    }

@Seldaek
Copy link
Member

Seldaek commented Feb 22, 2013

Note that you don't need verify_peer in this case since you disabled ssl entirely. Also note that disabling ssl is a bad idea for security reasons.

@mtotheikle
Copy link
Author

@Seldaek Thank you for the feedback. I overlooked the verify peer and I realize that disabling SSL is bad for various reasons but I was looking for a solution and this happened to be one.

After more testing I have found that some versions of PHP have trouble using HTTPS with file_get_contents. The version I have tested with is 5.3.20 running on a micro EC2 instance.

What are the reasons that a CURL remote file system is not implemented if any? It seems like CURL has no problem with the issue I am experiencing.

@Seldaek
Copy link
Member

Seldaek commented Feb 22, 2013

Curl is planned, but it's not there yet, the reason is simply that it's not as ubiquitous as file_get_contents/streams. Just for info, is it a CentOS server you are running? They seem to have quite outdated openssl libs usually.

@mtotheikle
Copy link
Author

I'm running the Amazon Linux AMI release 2012.03 which is a version of CentOS/Red Hat I believe. This box is running PHP 5.3.20 with OpenSSL 1.0.0j-fips 10 May 2012

On a different CentOS based box running PHP 5.3.3 and OpenSSL 1.0.0-fips 29 Mar 2010, my tests work fine.

@mtotheikle mtotheikle mentioned this issue Feb 22, 2013
Closed
@dennyhalim
Copy link

any workaround other than using non https??

@mtotheikle
Copy link
Author

I did not find a workout that worked very well so I ended up writing a cURL remote filesystem using Guzzle as a further abstraction layer because I was going to look into parallel file downloads and Guzzle has simple support for that feature of cURL. I have the changes on my home computer and will try to get them into a forked repository once I get home tonight.

@mtotheikle
Copy link
Author

This should take care of the problem once it gets merged in: #1628

@XedinUnknown XedinUnknown mentioned this issue Mar 16, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dennyhalim @Seldaek @mtotheikle