How does the problem cause an error, how to solve it in CentOS7 when using the PHP function get_headers(): SSL operation failed with code 1(OpenSSL Error)?

M

Mark2021-10-03 17:34:20

linux

Mark, 2021-10-03 17:34:20

A few days ago I started getting an error when using get_headers()/file_get_contents():

get_headers(): SSL operation failed with code 1.
OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

1) Did the problem arise because the server has a certain certificate and it is out of date?

2) When trying to navigate to /etc/ssl/certs redirects to /etc/pki/tls/certs . It contains certificates:

/etc/pki/tls/certs

There is a cert.pem certificate in the directory one level up .

/etc/pki/tls

Which of the certificates should be renewed in my case?

3) How is the renewal of certificates in CentOS 7? Is there any way I can use Let's Encrypt to do this?

PS
#1: cURL works without problems.
#2: The remote servers being accessed have valid certificates.
#3: Wouldn't want to ignore the certificate - it's reported to be a security hazard. I would like to solve the problem.

Ignore certificate

'ssl' => [
        'cafile' => '/path/to/bundle/cacert.pem',
        'verify_peer'=> true,
        'verify_peer_name'=> true,
    ],

Thank you.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

G

galaxy, 2021-10-03
@MarkLb

Judging by the size, your CA base is generally empty.
yum update ca-certificatesor yum reinstall ca-certificates
(or in more detail https://access.redhat.com/solutions/1549003 )
It's strange, of course, that curl works... Do curl --cacert dummy_xxx https://www.google.com- should show the used folder with CA certificates.