Digital certificates
Dr Zhmurge, 2022-02-13 14:24:22

What should the certificate be for WebSocket communication over SSL?

When connecting, an error occurs:

SSL handshake error: stream_socket_enable_crypto(): Unable to set local cert chain file `/var/www/u0119078/data/www/.../cert/certificate.pem'; Check that your cafile/capath settings include details of your certificate and its issuer

The certificate and key are specified like this:
$context = array(
    'ssl' => array(
        'local_cert'  => __DIR__ . '/cert/certificate.pem',
        'local_pk'    => __DIR__ . '/cert/key.key',
        'verify_peer' => false,
    )
);

The content of the certificate is as follows:
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAx210MjRQxRlgvnIQnC0c8FxMA0GCSqGSIb3DQEBCwUA
...
ecUrrujVtwgFAxYLHz8BaooCeIgbphdAU3c9BBl0z7NZ0h6IRoDl+Mkk3OPR
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
...
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA62gKKWi4QlegmfAnZ6xMhsPElH6PnClEMgTSL7wfymFpAIr1
...
ILXmQaor/Dw//Adk/BYpBtQjAIFP7VTToCHISBZsEKY6/tgHtMBY
-----END RSA PRIVATE KEY-----

What should be in this certificate so that it can build the chain as indicated in the error?
Somewhere I saw that at the beginning there is some kind of bag info, but I don't understand what it contains or where it comes from.


2 answer(s)
Dr Zhmurge, 2022-02-14
@DrZhmurge

There was a problem with the PRIVATE KEY file. This error occurred all the time:

unable to load Private Key
139633364686736:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: ANY PRIVATE KEY

Changing the encoding in Notepad and the extensions did not lead to anything. I did not notice right away that line breaks are saved as CR LF in the certificate, and in the key just as CR (to see this, turn on "display all characters" in the settings).
I didn't bother, and simply copied the key in place of the certificate and saved it so that the encoding was picked up.
After that, all checks were successful and the certificate began to work.
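
Added example, not part of the original answer: a POSIX shell check for the line-ending problem described above, which classifies a PEM file's line breaks and writes an LF-only copy. The function names and the sample key (a constructed placeholder, not a real key) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: diagnose and repair PEM line endings (CR-only, CRLF, LF).

# Print lf, crlf, cr, mixed or none for the file given as $1.
pem_line_endings() {
    cr=$(( $(tr -cd '\r' < "$1" | wc -c) ))
    lf=$(( $(tr -cd '\n' < "$1" | wc -c) ))
    # Records split on LF that end in CR are CRLF pairs.
    crlf=$(awk '/\r$/ { n++ } END { print n+0 }' "$1")
    if [ "$cr" -eq 0 ] && [ "$lf" -eq 0 ]; then echo none
    elif [ "$cr" -eq 0 ]; then echo lf
    elif [ "$lf" -eq 0 ]; then echo cr
    elif [ "$cr" -eq "$crlf" ] && [ "$lf" -eq "$crlf" ]; then echo crlf
    else echo mixed
    fi
}

# Count BEGIN markers that sit alone on a line when the file is split on LF
# (a trailing CR is tolerated). Assumption: the PEM reader is line-based on
# LF, so a result of 0 corresponds to the "no start line" error.
pem_begin_lines() {
    awk '{ sub(/\r$/, "") }
         /^-----BEGIN [A-Z0-9 ]+-----$/ { n++ }
         END { print n+0 }' "$1"
}

# Write an LF-only copy of $1 to $2 (must be a different path):
# drop the CR of each CRLF pair, then turn any lone CR into LF.
pem_normalize() {
    awk '{ sub(/\r$/, ""); print }' "$1" | tr '\r' '\n' > "$2"
}

# Constructed sample: a CR-only "key" file with a placeholder body.
write_sample_cr_key() {
    printf '%s\r%s\r%s\r' '-----BEGIN RSA PRIVATE KEY-----' \
        'Q09OU1RSVUNURUQ=' '-----END RSA PRIVATE KEY-----' > "$1"
}

# When run with file arguments, report on each of them.
for f in "$@"; do
    printf '%s: endings=%s begin_lines=%s\n' \
        "$f" "$(pem_line_endings "$f")" "$(pem_begin_lines "$f")"
done
```

Run it against both `certificate.pem` and `key.key`; a file reported as `cr` or `mixed` should be passed through `pem_normalize` and the LF-only copy checked again before it is referenced in `local_cert` or `local_pk`.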

ky0, 2022-02-13
@ky0

The same one used for HTTPS; there is no difference from the web server's point of view. How to build the chain is usually described on the certificate authority's website.
