I am really in need of some help here! Whenever I try to use fopen,
fsockopen, file_get_contents, etc in php to open an https/ssl; resource, i
get the following errors:
Warning: file_get_contents(): SSL: connection timeout
Warning: file_get_contents(): Failed to enable crypto
Here is some relevant information from phpinfo():
OpenSSL support enabled
OpenSSL Version OpenSSL 0.9.8n 24 Mar 2010
Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3,
sslv2, tls
Registered PHP Streams https, ftps, compress.zlib, compress.bzip2, php,
file, data, http, ftp
allow_url_fopen On
default_socket_timeout 60
The SSL connection timeout message occurs immediately. The server is not
blocking outbound communications as a tcpdump on the server that php is
trying to connect to shows connection activity, however, the apache and php
logs on this server do not show any entries at all when php tries to connect
to it.
On the server with php installed on it, openssl appears to be installed
correctly.
----------------------------------------------------------
[root@rdcsol-10-01]# /opt/csw/bin/openssl version
OpenSSL 0.9.8n 24 Mar 2010
[root@rdcsol-10-01]# /opt/csw/bin/openssl s_client -connect
www<dot>google<dot>com:443
CONNECTED(00000004)
depth=1 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google
Inc/CN=www<dot>google<dot>com
i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification
Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDITCCAoqgAwIBAgIQL9+89q6RUm0PmqPfQDQ+mjANBgkqhkiG9w0BAQUFADBM
MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0wOTEyMTgwMDAwMDBaFw0x
MTEyMTgyMzU5NTlaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRcw
FQYDVQQDFA53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEA6PmGD5D6htffvXImttdEAoN4c9kCKO+IRTn7EOh8rqk41XXGOOsKFQebg+jN
gtXj9xVoRaELGYW84u+E593y17iYwqG7tcFR39SDAqc9BkJb4SLD3muFXxzW2k6L
05vuuWciKh0R73mkszeK9P4Y/bz5RiNQl/Os/CRGK1w7t0UCAwEAAaOB5zCB5DAM
BgNVHRMBAf8EAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudGhhd3Rl
LmNvbS9UaGF3dGVTR0NDQS5jcmwwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUF
BwMCBglghkgBhvhCBAEwcgYIKwYBBQUHAQEEZjBkMCIGCCsGAQUFBzABhhZodHRw
Oi8vb2NzcC50aGF3dGUuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vd3d3LnRoYXd0
ZS5jb20vcmVwb3NpdG9yeS9UaGF3dGVfU0dDX0NBLmNydDANBgkqhkiG9w0BAQUF
AAOBgQCfQ89bxFApsb/isJr/aiEdLRLDLE5a+RLizrmCUi3nHX4adpaQedEkUjh5
u2ONgJd8IyAPkU0Wueru9G2Jysa9zCRo1kNbzipYvzwY4OA8Ys+WAi0oR1A04Se6
z5nRUP8pJcA2NhUzUnC+MY+f6H/nEQyNv4SgQhqAibAxWEEHXw==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google
Inc/CN=www<dot>google<dot>com
issuer=/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
---
No client certificate CA names sent
---
SSL handshake has read 1772 bytes and written 313 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-SHA
Session-ID:
E2CEF3FD72185DD712E49E49F7794445AA9B034B8E6D26023A02D41D1B3E6FD8
Session-ID-ctx:
Master-Key:
E35A311ADFB1BA4C53A84D836368316D2057ED794071E16602A6D5CE59E288C99437114AE4E809966D6082B2A826B9F6
Key-Arg : None
Start Time: 1282152269
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
----------------------------------------------------------
Server: SunOS rdcsol-10-01 5.10 Generic_142901-05 i86pc i386 i86pc
COmpiler used to compile php: cc: Sun C 5.10 SunOS_i386 2009/06/03
OpenSSL:
[root@rdcsol-10-01]# /opt/csw/bin/openssl version -a
OpenSSL 0.9.8n 24 Mar 2010
built on: Thu Mar 25 21:12:32 CET 2010
platform: solaris-pentium_pro-cc
options: bn(64,32) md2(int) rc4(ptr,char) des(ptr,cisc,16,long) idea(int)
blowfish(ptr)
compiler: cc -KPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN
-DHAVE_DLFCN_H -fast -xarch=pentium_pro -O -Xa
OPENSSLDIR: "/opt/csw/ssl"
----------------------------------------------------------
Right now, I have compiled php against the OpenSSL packages from OpenCSW. I
have also tried compiling php against openssl-1.0.0 which I compiled myself
from source. This did not help anything as php was still having the exact
same ssl timeout errors.
I am really stumped here. Any help would be greatly appreciated.
Brent.
