Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Composer -- > error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

I can connect to SSL sites, installed composer through command line through HTTPS. Checked the OPENSSL version SSL Version => OpenSSL/1.0.1j . So where is the problem? Thoughts?

Here is the raw output.

[kunaaljain@localhost php]$ /opt/lampp/bin/php-5.6.3 composer.phar diagChecking composer.json: FAIL
the property name is required
the property description is required
No license specified, it is recommended to do so. For closed-source software you may use "proprietary" as license.
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
failed to open stream: Cannot connect to HTTPS server through proxy
Checking HTTP proxy: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
failed to open stream: Cannot connect to HTTPS server through proxy
like image 383
Ignited Avatar asked Jan 31 '15 06:01

Ignited


3 Answers

This is an OpenSSL issue with php > 5.6. Rob Allen has a fix using homebrew here: http://akrabat.com/ssl-certificate-verification-on-php-5-6/

There is also an official issue on github for Composer: https://github.com/composer/composer/issues/2798#issuecomment-68200214

Editing your php.ini linking your cert files should fix it:

curl.cainfo=/full/path/to/ssl/certs/ca-bundle.crt
openssl.cafile=/full/path/to/ssl/certs/ca-bundle.crt

This question tells you how to find the correct path: Composer update fails while updating from packagist

like image 106
webDEVILopers Avatar answered Oct 18 '22 22:10

webDEVILopers


I had the same case on my Mac, after I did update to OSX El Capitan and did update of other things at the same time in my development environment.

I burned half a day investigating, and came to conclusion that the reason was in openssl having obsolete certificates. Solution was to extract certificates from Apple’s Keychain, via bash script:

    cert_file="$( openssl version -d | awk -F'"' '{print $2}' )/cert.pem"
    mkdir -p "${cert_file%/*}"
    security find-certificate -a -p /Library/Keychains/System.keychain > "$cert_file"
    security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain >> "$cert_file"

This should help in most of the cases, if configuration of openssl was not manually messed up before. Simple update of certificates is needed.

like image 36
Farside Avatar answered Oct 18 '22 23:10

Farside


I had this same issue when trying to run composer in my local vagrant environment. Found the issue to be caused by the system clock being out of sync.

Fixed by running

  vagrant ssh
  sudo apt install ntpdate
  sudo ntpdate ntp.ubuntu.com
  sudo timedatectl set-ntp on
  sudo service ntp stop
  sudo ntpd -gq
  sudo service ntp start
like image 2
naw103 Avatar answered Oct 18 '22 21:10

naw103