PHP and openssl
Derek (freebsd lists)
482254ac at razorfever.net
Mon Apr 30 20:26:11 UTC 2018
On 18-04-30 10:29 AM, James B. Byrne via freebsd-questions wrote:
> I am trying to get a Squirrelmail-1.4.23, running on FreeBSD-11.1
> under Apache-2.4.33, to connect to our existing Cyrus-IMAP and SMTP
> services using TLS. Examination of the web service log files for ssh
> reveals these messages:
>
> [Mon Apr 30 09:10:22.510233 2018] [:error] [pid 75098] [client
> 192.168.209.44:36022] PHP Warning: fsockopen(): SSL operation failed
> with code 1. OpenSSL Error messages:\nerror:14090086:SSL
> routines:ssl3_get_server_certificate:certificate verify failed in
> /usr/local/www/squirrelmail/src/configtest.php on line 406
> ...
>
> Now, if I connect to inet08.hamilton.harte-lyne.ca:465 using openssl
> s_client I see this:
>
> openssl s_client -connect inet08.hamilton.harte-lyne.ca:465
> CONNECTED(00000003)
> depth=2 CN = CA_HLL_ROOT_2016, ST = Ontario, O = Harte & Lyne Limited,
> OU = Networked Data Services, C = CA, DC = harte-lyne, DC = ca, L =
> Hamilton
> verify error:num=19:self signed certificate in certificate chain
> ---
This looks to me like you don't have your custom CA (or cert) in
your certificate chain.
You might have the option to disable strict checking, but better
- install custom certificate in the machine. This thread seems
relevant:
https://lists.freebsd.org/pipermail/freebsd-questions/2015-March/264652.html
or this:
https://stackoverflow.com/questions/41772340/how-do-i-add-a-certificate-authority-to-php-so-the-file-function-trusts-certif?rq=1
Hope that helps!
Derek
More information about the freebsd-questions
mailing list