Skip to content
This repository has been archived by the owner on Jan 10, 2022. It is now read-only.

PHP 5.6: Can't connect to the server that uses self-signed certificate. #19

Closed
youmad opened this issue Aug 5, 2015 · 6 comments
Closed

PHP 5.6: Can't connect to the server that uses self-signed certificate. #19

youmad opened this issue Aug 5, 2015 · 6 comments

Comments

@youmad
Copy link

youmad commented Aug 5, 2015

In connect() method of Fabiang\Xmpp\Stream\SocketClient class it is necessary to use stream_socket_client() with the sixth attribute: stream_context_create($options)
where $options contains settings of SSL, for example:

// call stream_socket_client with custom error handler enabled
$handler = new ErrorHandler(
    function ($address, $timeout, $flags) {
        $options = [
            'ssl' => [
                'allow_self_signed' => true,
                'verify_peer_name' => false,
            ],
        ];
        $context = stream_context_create($options);
        return stream_socket_client($address, $errno, $errstr, $timeout, $flags, $context);
    },
    $this->address,
    $timeout,
    $flags
);

This is required so as to have possibility to use self signed SSL certificates.
@youmad youmad mentioned this issue Aug 5, 2015
Open
@youmad youmad changed the title Can't connect to the server that uses self-signed certificate. PHP 5.6: Can't connect to the server that uses self-signed certificate. Aug 5, 2015
@resourcemode
Copy link

Any update on this issue?

@youmad i encounter the same issue. Using your code above fixed it.
Please create a PR.

@bgaillard
Copy link

Hi, I can also confirm @youmad code fixes the errors with self-signed certificate, perhaps this additional configuration could be passed as an option of the XMPP client ?

$client = new \Client($address);
$client->setSslOptions(
    [
        'allow_self_signed' => true,
        'verify_peer_name' => false
    ]
);

@fguillot fguillot mentioned this issue Jul 14, 2016
Closed
@benxmy benxmy mentioned this issue Jul 19, 2016
Closed
@jpaechnatz
Copy link

I used above patch to get rid of the message, BTW it's a letsencrypt cert:
PHP Warning: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /var/www/virtual/obbala/html/kanboard/plugins/Jabber/vendor/fabiang/xmpp/src/Stream/SocketClient.php on line 192

Now getting:
PHP Warning: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /var/www/virtual/obbala/html/kanboard/plugins/Jabber/vendor/fabiang/xmpp/src/Stream/SocketClient.php on line 200

Any idea how to fix stream_socket_enable_crypto?

Thanks.

@youmad
Copy link
Author

youmad commented Mar 31, 2017

@jpaechnatz You may try with option 'verify_peer' = false:

        $options = [
            'ssl' => [
                'allow_self_signed' => true,
                'verify_peer' => false, // THIS
                'verify_peer_name' => false,
            ],
        ];

@jpaechnatz
Copy link

Works! Thanks! Could someone provide a patch or config Option for it?

@youmad
Copy link
Author

youmad commented Mar 31, 2017

@jpaechnatz It's already here #31

@youmad youmad closed this as completed Mar 31, 2017
@youmad youmad mentioned this issue Feb 9, 2018
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bgaillard @jpaechnatz @resourcemode @youmad