RE: PHP stream_socket_client OpenSSL error (unknown ca)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> -----Original Message-----
> From: Richard [mailto:php_list@xxxxxx]
> Sent: Tuesday, October 19, 2010 10:50 AM
> To: php-general@xxxxxxxxxxxxx
> Subject:  PHP stream_socket_client OpenSSL error (unknown ca)
> 
>   Hello,
> 
> I'm having some problems connecting to a server using the following php
> script :
> 
> <?php
>      $context = stream_context_create();
>      stream_context_set_option($context, 'ssl', 'local_cert',
'./cert.pem');
>      stream_context_set_option($context, 'ssl', 'allow_self_signed',
TRUE);
>      stream_context_set_option($context, 'ssl', 'verify_peer', FALSE);
> 
>      $ctn = stream_socket_client('ssl://distant.server.com:987', $errno,
$errstr,
> 30, STREAM_CLIENT_CONNECT, $context);
>      if($ctn) {
>          print('Connected !');
>      }
> ?>

Just curious,

'passphrase  string

    Passphrase with which your local_cert file was encoded' quoted from [1].

Regards,
Tommy

[1] http://us3.php.net/manual/en/context.ssl.php


> 
> cert.pem is a self signed certificate that I generated a few days ago, it
> contains both RSA Key and Certificate and I have supplied the certificate
to
> the distant server.
> 
> When I launch the script I get the following errors :
> 
> Warning: stream_socket_client(): SSL operation failed with code 1.
> OpenSSL Error messages:
> error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca in
> /path/to/my/test.php on line 7
> 
> As it is a self signed certificate there is no CA so I added the two lines
:
> 
>      stream_context_set_option($context, 'ssl', 'allow_self_signed',
TRUE);
>      stream_context_set_option($context, 'ssl', 'verify_peer', FALSE);
> 
> but that did not fix the problem.
> 
> This is my first script that connects through a socket using SSL, but I
think
> that it doesn't even get out of the server because it doesn't like the
> certificate. Do you have any ideas about how I could get this working ? or
> maybe just point me in the right direction. If you need any more info
please
> let me know.
> 
> Thank you,
> 
> Richard
> 




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux