Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssl3_get_server_certificate:certificate verify failed #11

Open
adnanmuhammad opened this issue Dec 27, 2019 · 4 comments
Open

ssl3_get_server_certificate:certificate verify failed #11

adnanmuhammad opened this issue Dec 27, 2019 · 4 comments

Comments

@adnanmuhammad
Copy link

i am getting an error even with the ssl is installed on my server.

stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

Please help.
@Norgul
Copy link
Collaborator

Norgul commented Jan 3, 2020

Hello @adnanmuhammad

this should not be at my part. Maybe you can check out the following link

@WelterRocks
Copy link

Sorry Norgul, but there are many situations, where it can be useful to bypass TLS errors. For example, there are some IOT vendors, not updating there cert chains, which lead to expired certs or untrusted chains. It is up to us as developers to make things work, even if errors occur.

@adnanmuhammad if you are still interested, edit the file Socket.php and change the constructor to this:

`public function __construct(Options $options)
{
$this->responseBuffer = new Response();

    //$this->connection = stream_socket_client($options->fullSocketAddress());

    // Changed, to bypass certificate errors
    $errno = null;
    $errstr = null;
    $timeout = ini_get("default_socket_timeout");
    $flags = STREAM_CLIENT_CONNECT;

    // Context, to bypass certificate problems
    $context = stream_context_create();
    stream_context_set_option($context, 'ssl', 'verify_host', false);
    stream_context_set_option($context, 'ssl', 'verify_peer', false);
    stream_context_set_option($context, 'ssl', 'allow_self_signed', true);

    $this->connection = stream_socket_client($options->fullSocketAddress(), $errno, $errstr, $timeout, $flags, $context);

    if ($errno)
        die("ERROR(".$errno."): ".$errstr."\n");

    if (!$this->isAlive($this->connection)) {
        throw new DeadSocket();
    }

    //stream_set_blocking($this->connection, true);
    stream_set_timeout($this->connection, 0, $this->timeout);
    $this->options = $options;
}

`

@Norgul
Copy link
Collaborator

Norgul commented Oct 11, 2020

@WelterRocks feel free to submit a PR, I'd gladly implement it. Thanks!

@WelterRocks
Copy link

Will fix some few more things and send the PR ;-). Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Norgul @WelterRocks @adnanmuhammad