1. 技术文章
  2. Why won't zend 2 http verify my ssl cert?

Why won't zend 2 http verify my ssl cert?

柔情痞子 提交于 2019-12-08 13:09:54

问题


I've just started using Zend 2 and it works really well (locally) but I can't get it to pass data via https to another server.

I'm a bit of a noob when it comes to ssl certs and I think this is where the problem lies. I've got a CERT, a Private Key and a CA cert - these are being used for an ssl cert on one of our vhost domains on our server the locations are : -

SSLCertificateFile /usr/local/psa/var/certificates/cert-####
SSLCACertificateFile /usr/local/psa/var/certificates/cert-####

In every example I read they're in '/etc/ssl/certs/ca-bundle.pem'. My question is how to I stick them together to create this .pem file that zend 2 wants? I've tried just creating a .pem file with all the -----BEGIN CERTIFICATE----- the hash/key -----END CERTIFICATE----- in and named it ca-bundle.pem but now Apache throws 'Unable to set verify locations' error at me, how do I get this to work ? Here is a snippet of the code I have for the adapter : -

$adapter = new Zend\Http\Client\Adapter\Socket();
$adapter->setStreamContext(array(
'ssl' => array(
    'verify_peer' => true,
    'allow_self_signed' => false,
    'cafile' => '/usr/local/psa/var/certificates/ca-bundle.pem',
    'verify_depth' => 5,
    'CN_match' => 'https://www.mydomain.co.uk'
)
));

$client->setAdapter($adapter);

Thanks,

Joe


回答1:


First this, but I guess you already did that correctly: How to get .pem file from .key and .crt files?

The error Unable to set verify locations is because Apache can't find or read the key.

Solution:

  1. verify the path is correct
  2. make sure the pem file is readable by the www-user Apache runs with



回答2:


I received the same error when trying to install Composer. The following command corrected the problem for me.

sudo update-ca-certificates

I had installed an SSL certificate on this server following given instructions and it worked for the https connection. It was only when trying to install Composer that I saw the "unable to set verify locations" error. I hope this can save others the hours of research time it cost me!



来源:https://stackoverflow.com/questions/19592446/why-wont-zend-2-http-verify-my-ssl-cert

标签
php
ssl
zend-framework2
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!