search

norkunas / onesignal-php-api

OneSignal API for PHP
MIT License
233 stars 82 forks source link

cURL error 60: SSL certificate problem: certificate has expired #174

Open nathanael-anstett opened 8 months ago

nathanael-anstett commented 8 months ago

Hello,

I have the 1.13.0 version installed, and I create my client the following way :

public function __construct() {
      parent::__construct();
      $config = new Config();
      $config->setApplicationId('APP_ID');
      $config->setApplicationAuthKey('AUTH_KEY');
      $config->setUserAuthKey('USER_AUTH_KEY');

      $guzzle = new GuzzleClient(['defaults' => [
          'verify' => false
      ]]);

      $client = new HttpClient(new GuzzleAdapter($guzzle), new GuzzleMessageFactory());
      $this->api = new OneSignal($config, $client);
  }

This code has been running for several years, and since yesterday, my app crashes when I try to send a notification.

Here is the error I get :

object(OneSignal\Exception\OneSignalException)#58 (7) { ["message":protected]=> string(119) "cURL error 60: SSL certificate problem: certificate has expired (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)" ["string":"Exception":private]=> string(0) "" ["code":protected]=> int(0) ["file":protected]=> string(73) "/var/www/html/bop_api/vendor/norkunas/onesignal-php-api/src/OneSignal.php" ["line":protected]=> int(114) ["trace":"Exception":private]=> array(5) { [0]=> array(6) { ["file"]=> string(77) "/var/www/html/bop_api/vendor/norkunas/onesignal-php-api/src/Notifications.php" ["line"]=> int(77) ["function"]=> string(7) "request" ["class"]=> string(19) "OneSignal\OneSignal" ["type"]=> string(2) "->" ["args"]=> array(4) { [0]=> string(4) "POST" [1]=> string(14) "/notifications" [2]=> array(1)

It seems to be related to an expired SSL certificate, but I do not understand which certificate is causing the issue, since my hosting has a valid ongoing certificate

Thank you in advance for your help

norkunas commented 8 months ago

Hello, This library just does use any http client that you provide and make http calls, so there is no way to resolve something like this here.

Frankly I never ran into this error, so only I can guess that something could changed in curl/php curl extension or guzzle.

What is your OS? What's your php version? Which guzzle do you use? Why do you set verify: false ?

Note that v1 branch is not maintained anymore, you should upgrade to v2

nathanael-anstett commented 8 months ago

Hello, thank you very much for your quick reply.

The project is running with php 7.0 on Debian 9. Guzzle version is "php-http/guzzle6-adapter": "^1.1".

I did set verify: false to bypass the SSL certificate check since the error I get is cURL error 60: SSL certificate problem: certificate has expired. I did not really understand to which SSL certificate it was referring.

Since it is a very old project, I think that we are just going to do an update on all of our old dependencies.

Thank you for your time helping me :-)

norkunas commented 8 months ago

Did you try to run the guzzle directly avoiding the library? Does it have same error? If it's same then you could try to set manually cafile for curl:

    curl_setopt($ch, CURLOPT_CAINFO, '/path/to/cafile.pem');
    curl_setopt($ch, CURLOPT_CAPATH, '/path/to/cafile.pem');

Refer to the guzzle docs how to do this :wink: you can download the cafile from https://curl.se/docs/caextract.html