Request for help with fsockopen

#1 January 17th, 2007, 04:25 PM

Hi all,
I'm having a problem with fsockopen function, I'm programming with php
4.3 and need to do an HTTP POST over secure socket, ssl, here's my
code:

$context = stream_context_create();
$result = stream_context_set_option($context, 'ssl', 'local_cert',
"/certificate/cert.pem");
$result = stream_context_set_option($context, 'ssl', 'passphrase',
"passphrase");

$sock = fsockopen("ssl://myhost", 443 , $errno, $errstr, 30, $context);
if (!$sock) die("$errstr ($errno)\n");

I get this error when trying to run this code:
Warning: fsockopen(): Unable to set local cert chain file
`/certificate/cert.pem'; Check that your cafile/capath settings include
details of your certificate and its issuer in /path/to/file.php on line
xxx

Dunno what to do, I thought there's something wrong in my certificate
but couldn't find any real explanation on google or php site, If anyone
can help, it would be much appreciated.

#2 January 17th, 2007, 06:55 PM

On 17 Jan 2007 08:21:06 -0800, "Alex" <dna.soldout@gmail.comwrote:

Quote:

>I'm having a problem with fsockopen function, I'm programming with php
>4.3 and need to do an HTTP POST over secure socket, ssl, here's my
>code:
>
>$context = stream_context_create();
>$result = stream_context_set_option($context, 'ssl', 'local_cert',
>"/certificate/cert.pem");
>$result = stream_context_set_option($context, 'ssl', 'passphrase',
>"passphrase");
>
>$sock = fsockopen("ssl://myhost", 443 , $errno, $errstr, 30, $context);
>if (!$sock) die("$errstr ($errno)\n");
>
>I get this error when trying to run this code:
>Warning: fsockopen(): Unable to set local cert chain file
>`/certificate/cert.pem'; Check that your cafile/capath settings include
>details of your certificate and its issuer in /path/to/file.php on line
>xxx
>
>Dunno what to do, I thought there's something wrong in my certificate
>but couldn't find any real explanation on google or php site, If anyone
>can help, it would be much appreciated.

Just to rule out the easy ones first: do you really have a /certificate
directory at the root directory of the filesystem of your server? Remember,
that parameter is not a relative URL.

There's a couple of hits on Google too, particularly one in a user note on the
SOAP part of the manual - is that any help?

http://www.google.co.uk/search?q=%22...th+settings%22

--
Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool

#3 January 18th, 2007, 01:15 PM

hi, thakyou for reply, here's what I discovered:

Quote:

Just to rule out the easy ones first: do you really have a /certificate
directory at the root directory of the filesystem of your server? Remember,
that parameter is not a relative URL.

No, I really don't have a /certificate at root, I was using absolute
path, but in reality it is a relative path and it does have the cert in
pem format.

Quote:

There's a couple of hits on Google too, particularly one in a user note on the
SOAP part of the manual - is that any help?
>

Unfortunately not, but I did find a resolution by adding these two
lines of code that add some option parameters to the stream:

$result = stream_context_set_option($context, 'ssl',
'allow_self_signed', true);
$result = stream_context_set_option($context, 'ssl', 'verify_peer',
false);

This way I should accept a certificate self_signed by CA and I don't
verify it. Kinda unsafe but works well.

Alex

Request for help with fsockopen

re: Request for help with fsockopen

re: Request for help with fsockopen

/bytes/development

/bytes/it

/bytes/about