Closed martinbutt closed 8 years ago
Hello @martinbutt,
It seems your problem comes from the fact that your computer does not trust the Blackfire Certificate Authority (http://blaoism.blogspot.fr/2010/05/sslerrorssl-error14090086lib20func144re.html).
I would say this is a problem with your ca-file (or at least the one used by the Blackfire SDK).
To find the problem, could you please do the following:
curl -I https://blackfire.io
. If this does not work, the global ca-file on this machine is the problem.<?php echo file_get_contents('https://blackfire.io');
. If this does not work, the ca-file used by PHP is not the right one.composer/ca-bundle
package that load the wrong ca-file: please run <?php echo \Composer\CaBundle\CaBundle::getSystemCaRootBundlePath();
and copy the result here.Thanks by advance!
Best regards, Titouan
Hi @tgalopin,
1 & 2 return a 200 3 returns "/etc/pki/tls/certs/ca-bundle.crt"
I did a "yum update ca-certificates" which updated that file to the latest version, which on CentOS 6.4 is 2015.2.6-65.0.1.el6_7. That didn't help. I also manually added the blackfire.io certificate to the trusted certs, also didn't help. (Obviously I restarted php-fpm).
A curl -v confirms that the certificate it is using is "/etc/pki/tls/certs/ca-bundle.crt", which returns the 200. So the cert must be good. I'm just unsure why PHP is having an issue.
Composer has "composer/ca-bundle": "1.0.3".
Cheers, Martin
Hello @martinbutt,
I'm suspecting an issue in the SDK code. In your vendor directory, could you modifiy the following line and test again:
In Client.php, at line 443 (https://github.com/blackfireio/php-sdk/blob/master/src/Blackfire/Client.php#L433), change from:
if (is_dir($caPath)) {
$sslOpts['ssl']['capath'] = $caPath;
} else {
$sslOpts['ssl']['cafile'] = $caPath;
}
to
if (is_dir($caPath)) {
$sslOpts['capath'] = $caPath;
} else {
$sslOpts['cafile'] = $caPath;
}
That worked! Thanks.
Calling code:
Result:
If I change \Blackfire\Client::sendHttpRequest()
to
it works. I have tried updating the ca-certs on that machine, but no joy.