Openssl: error:14090086:ssl routines:ssl3_get_server_certificate:certificate verify failed

author avatar

0 Followers

etting an error as follows whenever I am trying to connect to the server via fsockopen().

The certificate on the server or host is self signed.

PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

My code as below 
`if($fp = fsockopen($host, $port, $errno, $errstr, 20)){

$this->request = 'POST '.substr($this->url, strlen($this->host)).' HTTP/1.1'.$crlf .'Host: '.$this->host.$crlf .'Content-Length: '.$content_length.$crlf .'Connection: Close'.$crlf.$crlf .$body;fwrite($fp, $this->request);while($line = fgets($fp)){ if($line !== false){ $this->response .= $line; }}fclose($fp);

}`

Have tried following

`# cd /etc/ssl/certs/

wget http://curl.haxx.se/ca/cacert.pem`

The php.ini

openssl.cafile = "/etc/ssl/certs/cacert.pem"
But the script is still failing to work as expected.
I need your help to solve this

Solution :

I was on my CentOS 7 and my PHP installation was pointing to the certificate that was generated by using update-ca-trust. And the symlink was /etc/pki/tls/cert.pem and was pointing to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem. This was just my test server and I wanted my self signed cert to work properly. So in my case as follows

My root ca-trust folder was on below path and. I copied the .crt file to this location and also renamed it to a .pem /etc/pki/ca-trust/source/anchors/self-signed-cert.pem After that run following command and it should regenerate the certs for you and will include your selfsigned cert file.also update-ca-trust

After doing this some of my api calls started working as my cert was now trusted. After that I just ran the following command man update-ca-trust . 

The SMTP server requires a secure connection or the client was not authenticated. The server response was:

Top
Comments (0)
Login to post.