作曲家 - >错误:14090086:SSL例程:SSL3_GET_SERVER_CERTIFICATE:证书验证失败

时间:2015-01-31 06:52:11

标签: ssl openssl composer-php lamp php-openssl

我可以连接到SSL站点,通过HTTPS通过命令行安装composer。检查了OPENSSL版本SSL Version => OpenSSL/1.0.1j。那问题出在哪里?想法?

这是原始输出。

[kunaaljain@localhost php]$ /opt/lampp/bin/php-5.6.3 composer.phar diagChecking composer.json: FAIL
the property name is required
the property description is required
No license specified, it is recommended to do so. For closed-source software you may use "proprietary" as license.
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
failed to open stream: Cannot connect to HTTPS server through proxy
Checking HTTP proxy: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
failed to open stream: Cannot connect to HTTPS server through proxy

3 个答案:

答案 0 :(得分:2)

这是一个使用php>的OpenSSL问题5.6。 Rob Allen在这里使用自制软件进行修复: http://akrabat.com/ssl-certificate-verification-on-php-5-6/

github上还有一个关于Composer的官方问题: https://github.com/composer/composer/issues/2798#issuecomment-68200214

编辑链接证书文件的php.ini应该修复它:

curl.cainfo=/full/path/to/ssl/certs/ca-bundle.crt
openssl.cafile=/full/path/to/ssl/certs/ca-bundle.crt

此问题告诉您如何找到正确的路径: Composer update fails while updating from packagist

答案 1 :(得分:2)

I had the same case on my Mac, after I did update to OSX El Capitan and did update of other things at the same time in my development environment.

I burned half a day investigating, and came to conclusion that the reason was in openssl having obsolete certificates. Solution was to extract certificates from Apple’s Keychain, via bash script:

    cert_file="$( openssl version -d | awk -F'"' '{print $2}' )/cert.pem"
    mkdir -p "${cert_file%/*}"
    security find-certificate -a -p /Library/Keychains/System.keychain > "$cert_file"
    security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain >> "$cert_file"

This should help in most of the cases, if configuration of openssl was not manually messed up before. Simple update of certificates is needed.

答案 2 :(得分:0)

尝试在本地无业游民的环境中运行composer时遇到同样的问题。发现问题是由系统时钟不同步引起的。

已通过运行固定

  vagrant ssh
  sudo apt install ntpdate
  sudo ntpdate ntp.ubuntu.com
  sudo timedatectl set-ntp on
  sudo service ntp stop
  sudo ntpd -gq
  sudo service ntp start
相关问题
最新问题