install/php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
php/DOC/READNE.ssl-connection-error

122 lines
3.5 KiB
Plaintext
Raw Permalink Blame History

# ----------
# see also:
# https://github.com/lazyfrosch/docker-icingaweb2/issues/1
# https://stackoverflow.com/questions/31842400/ssl-issue-after-pear-channel-update-pear-php-net/46544219#46544219
#
# possible errors
#
# - download of pgp source code failed
# in tha case try to add certificate to ca-certificates file
#
# - pecl runs into error "Connection to `ssl://pecl.php.net:443' failed:"
# - pear runs into error "Connection to `ssl://pear.php.net:443' failed:"
# in that cases try to add certificate to 'default_cert_file' ..
#
# ----------
cert_URL="https://curl.haxx.se/ca/cacert.pem"
cert_name="$(basename "https://curl.haxx.se/ca/cacert.pem")"
cert_name_crt="${cert_name%.*}.crt"
# ===
# Add certificate to default certification file (default_cert_file)
# --
# RUN php -r "print_r(openssl_get_cert_locations());"
#
# This will output dfefault ssl certificate locations
#
# Array
# (
# [default_cert_file] => /usr/lib/ssl/cert.pem
# [default_cert_file_env] => SSL_CERT_FILE
# [default_cert_dir] => /usr/lib/ssl/certs
# [default_cert_dir_env] => SSL_CERT_DIR
# [default_private_dir] => /usr/lib/ssl/private
# [default_default_cert_area] => /usr/lib/ssl
# [ini_cafile] =>
# [ini_capath] =>
# )
PHP=/usr/local/php-8.1/bin/php
_default_cert_file="$($PHP -r "print_r(openssl_get_cert_locations());" | grep -E "\[default_cert_file\]" | awk '{print$3}')"
wget --no-check-certificate -O ${_default_cert_file} "${cert_URL}"
# ===
# add certificate to ca-certificates file
# ===
_path_to_openssl_dir="$(openssl version -d | awk '{print$2}')"
_path_to_openssl_dir=${_path_to_openssl_dir#\"}
_path_to_openssl_dir=${_path_to_openssl_dir%\"}
_path_to_openssl_dir="$(realpath "${_path_to_openssl_dir}")"
_default_cert_dir="$(realpath "${_path_to_openssl_dir}/certs")"
if [[ -d "/usr/local/share/ca-certificates/" ]] ; then
wget --no-check-certificate -O "/usr/local/share/ca-certificates/${cert_name_crt}" "${cert_URL}"
fi
update-ca-certificates
c_rehash "${_default_cert_dir}"
# =====
# Find the path to the trusted certificates and add certificate there
# =====
# ---
# using PHP
# ---
#
# RUN php -r "print_r(openssl_get_cert_locations());"
#
# This will output dfefault ssl certificate locations
#
# Array
# (
# [default_cert_file] => /usr/lib/ssl/cert.pem
# [default_cert_file_env] => SSL_CERT_FILE
# [default_cert_dir] => /usr/lib/ssl/certs
# [default_cert_dir_env] => SSL_CERT_DIR
# [default_private_dir] => /usr/lib/ssl/private
# [default_default_cert_area] => /usr/lib/ssl
# [ini_cafile] =>
# [ini_capath] =>
# )
#
PHP=/usr/local/php-8.1/bin/php
$PHP -r "print_r(openssl_get_cert_locations());"
#
_default_cert_dir="$($PHP -r "print_r(openssl_get_cert_locations());" | grep -E "\[default_cert_dir\]" | awk '{print$3}')"
_default_cert_dir="$(realpath "${_default_cert_dir}")"
# ---
# using openssl directly
# ---
_path_to_openssl_dir="$(openssl version -d | awk '{print$2}')"
_path_to_openssl_dir=${_path_to_openssl_dir#\"}
_path_to_openssl_dir=${_path_to_openssl_dir%\"}
_path_to_openssl_dir="$(realpath "${_path_to_openssl_dir}")"
if [[ ! -d "${_path_to_openssl_dir}/certs" ]] ; then
mkdir "${_path_to_openssl_dir}/certs"
fi
_default_cert_dir="$(realpath "${_path_to_openssl_dir}/certs")"
# ---
# Download certificate and save it into directory '${_default_cert_dir}'
# ---
wget --no-check-certificate -P "${_default_cert_dir}" "${cert_URL}"
chmod 644 "${_default_cert_dir}/${cert_name}"
c_rehash "${_default_cert_dir}"
Reference in New Issue View Git Blame Copy Permalink