问答博客资讯标签用户活动
logo极客观点logo项目管理logoHarmonyOS
javascript
前端
python
node.js
react
vue.js
php
laravel
go
人工智能
mysql
linux
ios
java
android
css
typescript
spring
程序员
logoONES 研发管理logo思否企业问答logo安谋科技 XPU

OpenSSL 错误消息:错误:1416F086:SSL 例程:tls_process_server_certificate:证书验证失败

社区维基
1
新手上路,请多包涵

我在 Windows 10 计算机和 Composer 版本 1.9.0 上使用 PHP v7.2

composer create-project --prefer-dist laravel/laravel blog

我正在尝试安装 Laravel 并使用 composer 启动一个项目,但出现以下错误

OpenSSL 错误消息:错误:1416F086:SSL 例程:tls_process_server_certificate:证书验证失败

当我运行 composer diagnose 得到以下结果

PS C:\xampp\htdocs\webstore_services> composer diagnose
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: Warning: Accessing 192.168.1xx.2xx over http which is an insecure protocol.
OK
Checking https connectivity to packagist: [Composer\Downloader\TransportException] The "https://repo.packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
Checking github.com rate limit: FAIL
[Composer\Downloader\TransportException] The "https://api.github.com/rate_limit" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0  87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B  0C708369 153E328C AD90147D AFE50952
OK
Checking composer version:
  [Composer\Downloader\TransportException]
  The "https://getcomposer.org/versions" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
  error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
  Failed to enable crypto
  failed to open stream: operation failed
diagnose

我几乎尝试了互联网上的所有解决方案

php -r "print_r(openssl_get_cert_locations());"

结果

(
    [default_cert_file] => C:\usr\local\ssl/cert.pem
    [default_cert_file_env] => SSL_CERT_FILE
    [default_cert_dir] => C:\usr\local\ssl/certs
    [default_cert_dir_env] => SSL_CERT_DIR
    [default_private_dir] => C:\usr\local\ssl/private
    [default_default_cert_area] => C:\usr\local\ssl
    [ini_cafile] => C:\xampp\php\cacert.pem
    [ini_capath] => C:\xampp\php\cacert.pem
)

我将如何更改 default_cert_file 的位置,只剩下这个?

因为我在企业代理上,所以我设置了代理的环境变量。

https_proxy : http://user:pass@host:port http_proxy : http://user:pass@host:port

在我所做的一切之后,它对我没有帮助。

原文由 Ankit S. 发布,翻译遵循 CC BY-SA 4.0 许可协议

Stack Overflow 翻译phplaravelopensslxamppcomposer-php
阅读 2k
1 个回答
得票最新
社区维基
1

我在搜索类似问题时发现了这一点,因此我可能会抽出几分钟来写一些其他人可能会从中受益的东西。

有时公司代理会终止安全会话以检查您是否没有做任何恶意行为,然后再次对其进行签名,但使用您的操作系统信任的自己的 CA 证书,但可能不被 openssl 信任。您可以使用 openssl 本身进行检查:

 openssl s_client -connect fully.qualified.domain.name:port

上面的命令应该为您提供所提供的证书。只需寻找:

 ---
Certificate chain
 0 s:/long/DN/rewritten/from/the/original/certificate
   i:/proxy/issuer/certificate
 1 s:/proxy/issuer/certificate
   i:/corporate/root/CA
 2 s:/corporate/root/CA
   i:/corporate/root/CA
---

所以基本上你想让根 CA 证书受信任。

原文由 Michał 发布,翻译遵循 CC BY-SA 4.0 许可协议

撰写回答
你尚未登录,登录后可以
  • 和开发者交流问题的细节
  • 关注并接收问题和回答的更新提醒
  • 参与内容的编辑和改进,让解决方法与时俱进
推荐问题