堆栈内存溢出
  简体   繁体   English

PHP:未使用 stream_socket_client() 设置 TLS 套接字

[英]PHP: TLS socket not setting up using stream_socket_client()

 原文  2018-02-08 12:14:56       php/ sockets/ ssl

问题描述

I'm trying to open a TLS connection using this code:我正在尝试使用以下代码打开 TLS 连接:

<?php

$cafile = '/var/www/html/mosquitto/cert.pem';

$socketContext = stream_context_create(["ssl" => [
    "verify_peer_name" => true,
    "cafile" => $cafile
]]);

$socket = stream_socket_client("tls://xx.xx.xx.xx:8883", $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $socketContext);

if (!$socket) {
    print("Error: ".$errstr);
    return false;
}else{
    print("Connection Opened");
}

?>

Nginx error log: Nginx 错误日志:

2018/02/08 17:40:28 [error] 1331#1331: *658 FastCGI sent in stderr: "PHP message: PHP Warning:  stream_socket_client(): SSL operation $
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /var/www/html/test.php on line 10
PHP message: PHP Warning:  stream_socket_client(): Failed to enable crypto in /var/www/html/test.php on line 10
PHP message: PHP Warning:  stream_socket_client(): unable to connect to tls://xx.xx.xx.xx:8883 (Unknown error) in /var/www/html/test.$

This is always getting in error section !$socket but without any error string.这总是进入错误部分!$socket但没有任何错误字符串。 It's just Error: .这只是Error: How can I fix this issue?我该如何解决这个问题? I'm speculating cert.pem file may be the issue.我推测 cert.pem 文件可能是问题所在。 What file do I need to put there?我需要把什么文件放在那里?

Thanks!谢谢!

1 个解决方案

解决方案1
 1  2018-02-08 12:34:44

How can I fix this issue?我该如何解决这个问题?

That's going to be very hard until you know what the issue is.在你知道问题是什么之前,这将是非常困难的。

Clearly tackling the problem using stream_socket_client is not working and is not giving you any useful diagnostic information.显然,使用 stream_socket_client 解决问题不起作用并且没有为您提供任何有用的诊断信息。 You need to breakdown what this call is doing and test each part in isolation.您需要分解此调用正在执行的操作并单独测试每个部分。

Does 'xx.xx.xx.xx' represent an IP address or a hostname? 'xx.xx.xx.xx' 是代表 IP 地址还是主机名? If it's the latter you may have issues with resolution.如果是后者,您可能会遇到分辨率问题。 Try dns_get_record () If its the former, how do you expect to validate the subject of the certificate?试试dns_get_record () 如果是前者,你希望如何验证证书的主题?

Can you connect on port 8883?你可以在端口 8883 上连接吗? Try fsockopen ()试试fsockopen ()

Is SSL working? SSL 有效吗?

  • Can you negotiate a cypher你能协商一个密码吗
  • Is the certificate valid证书是否有效
  • is the certificate signed by a CA in your certs.pem file是 certs.pem 文件中由 CA 签署的证书

You can check these from the command line with openssl s_client您可以使用openssl s_client从命令行检查这些

Update更新

From your edit: certificate verify failed - see note above regarding IP address and certificate vlidation从您的编辑: certificate verify failed - 请参阅上面有关 IP 地址和证书验证的说明

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP stream_socket_client 不使用代理 - PHP stream_socket_client not using proxy PHP:无法使用带有功能stream_socket_client()的TLS协议设置私钥文件 - PHP: Unable to set private key file using TLS protocol with function stream_socket_client() PHP stream_socket_client无法连接 - PHP stream_socket_client fails to connect PHP stream_socket_client()警告 - PHP stream_socket_client() Warning PHP stream_socket_client和Facebook聊天 - PHP stream_socket_client and facebook chat PHP 5.6更新stream_socket_client-不再打开套接字 - php 5.6 update stream_socket_client - No longer opening socket stream_socket_client失败 - stream_socket_client is failing stream_socket_client错误 - error with stream_socket_client 如何将stream_socket_client绑定到php中的接口? - how to bind stream_socket_client to an interface in php? php,mqtt:stream_socket_client():无法连接到<server><port> - php,mqtt: stream_socket_client(): unable to connect to <server><port>
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM