l008com Posted October 14, 2021 Share Posted October 14, 2021 The LetsEncrypt root certificate expired on October 1st. I'm running one old server that does not contain this certificate. So I had to manually add it to the operating system so curl and web browsers could again communicate with domains that use LetsEncrypt SSL. It was pretty easy and hacks like that are to be expected when running a server thats a bit old. But PHP still isn't working. Using stream_context_create( ), I'm still unable to connect to LetsEncrypt certificates. So it would seem that PHP is not using the system's certificate roots. Does it have it's own collection of certs somewhere? If so, is there a way I can verify that, and then add the new LetsEncrypt one to it? Quote PHP Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /scripts/ssl.test.php on line 9 Quote Link to comment Share on other sites More sharing options...
requinix Posted October 14, 2021 Share Posted October 14, 2021 Installing the certificate may not be enough. PHP is using OpenSSL. What version of that do you have? Is it at least 1.1.0? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.