Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
Dr Zhmurge2022-02-13 14:24:22
Digital certificates
Dr Zhmurge, 2022-02-13 14:24:22

What should be the certificate for Websocket communication over ssl?

When connecting, an error occurs:

SSL handshake error: stream_socket_enable_crypto(): Unable to set local cert chain file `/var/www/u0119078/data/www/.../cert/certificate.pem'; Check that your cafile/capath settings include details of your certificate and its issuer

The certificate and key are specified like this:
$context = array(
    'ssl' => array(
        'local_cert'  => __DIR__ . '/cert/certificate.pem',
        'local_pk'    => __DIR__ . '/cert/key.key',
        'verify_peer' => false,
    )
);

The content of the certificate is as follows:
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAx210MjRQxRlgvnIQnC0c8FxMA0GCSqGSIb3DQEBCwUA
...
ecUrrujVtwgFAxYLHz8BaooCeIgbphdAU3c9BBl0z7NZ0h6IRoDl+Mkk3OPR
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
...
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA62gKKWi4QlegmfAnZ6xMhsPElH6PnClEMgTSL7wfymFpAIr1
...
ILXmQaor/Dw//Adk/BYpBtQjAIFP7VTToCHISBZsEKY6/tgHtMBY
-----END RSA PRIVATE KEY-----

What should be in this certificate so that it can build the chain as indicated in the error?
Somewhere there is a video that at the beginning there is some kind of bag infa, but I don’t understand what it contains and where it comes from.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
D
Dr Zhmurge, 2022-02-14
@DrZhmurge

There was a problem with the PRIVATE KEY file. Error occurred all the time

unable to load Private Key
139633364686736:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: ANY PRIVATE KEY

Changing the encoding in notepad, extensions, did not lead to anything. I haven't noticed yet that line breaks are saved as CR LF in the certificate. And in the key just like CR (in order to see it turn on "display all characters" in the settings).
620a22a490a36477267271.jpeg
I didn’t bother, but simply copied the key instead of the certificate and saved it so that the encoding got up.
After that, all checks were successful and the certificate began to work.

Report
K
ky0, 2022-02-13
@ky0

The same one used for HTTPS, there is no difference from the web server point of view. How to create a chain - usually written on the website of the certification center.

Similar questions
K
krll-k2014-08-11 15:18:55
How to know if curl is installed with openssl and zlib support? How to install curl from sources with openssl and zlib support? 1Reply
S
slava kk2019-01-28 10:49:59
How to install ssl certificate on computer using c++? 0Reply
D
Den Alex Smith2019-01-29 10:51:58
How to connect SSL certificate(s) to all virtual hosts using Webmin? 1Reply
L
lovesuper2014-08-14 21:05:03
How to make 2 https hosts (domain and subdomain) with different ssl certificates in nginx on one IP? 3Reply
D
Dmitry2016-08-30 10:04:42
Why is there no connection to smtp.yandex.ru from sites on https://? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question