我正在使用php v7.2,在Windows 10计算机和作曲家版本1.9.0
上 composer create-project --prefer-dist laravel/laravel blog
我正在尝试安装Laravel,并使用作曲家启动一个项目,但获得以下错误
openssl错误消息:错误:1416F086:SSL例程:tls_process_server_certificate:证书验证失败
当我运行composer diagnose以下时,结果
PS C:xampphtdocswebstore_services> composer diagnose
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity to packagist: Warning: Accessing 192.168.1xx.2xx over http which is an insecure protocol.
OK
Checking https connectivity to packagist: [ComposerDownloaderTransportException] The "https://repo.packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
Checking github.com rate limit: FAIL
[ComposerDownloaderTransportException] The "https://api.github.com/rate_limit" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
Checking disk free space: OK
Checking pubkeys:
Tags Public Key Fingerprint: 57815BA2 7E54DC31 7ECC7CC5 573090D0 87719BA6 8F3BB723 4E5D42D0 84A14642
Dev Public Key Fingerprint: 4AC45767 E5EC2265 2F0C1167 CBBB8A2B 0C708369 153E328C AD90147D AFE50952
OK
Checking composer version:
[ComposerDownloaderTransportException]
The "https://getcomposer.org/versions" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
diagnose
我尝试了Internet上的几乎所有解决方案
php -r "print_r(openssl_get_cert_locations());"
结果
(
[default_cert_file] => C:usrlocalssl/cert.pem
[default_cert_file_env] => SSL_CERT_FILE
[default_cert_dir] => C:usrlocalssl/certs
[default_cert_dir_env] => SSL_CERT_DIR
[default_private_dir] => C:usrlocalssl/private
[default_default_cert_area] => C:usrlocalssl
[ini_cafile] => C:xamppphpcacert.pem
[ini_capath] => C:xamppphpcacert.pem
)
我将如何更改default_cert_file的位置,仅保留?
由于我在公司代理人上,所以我设置了代理人的环境。
https_proxy:http://user:Pass@host:port:porthttp_proxy:http://user:Pass@host:port
在我做的一切之后,它没有帮助。
我不知道我是否会回答你,但我会尝试启发你:
这是一个安全的连接故障:生成证书
时定义default_cert_file错误:1416F086:SSL是一个错误服务器拒绝了您的证书,因为它被撤销,不存在或不正确相同的错误可能在带有错误代码的浏览器中发生:SSL_ERROR_REVOKED_CERT_ALERT或SSL_ERROR_HANDSHAKE_FAILURE_ALER,当时安全证书没有或不再有效
生成根证书时,这可能取决于指定几个信息的配置文件,尤其是路径:
[ca_default]dir = ./certificats#保留一切
openssl等...
我认为您正在寻找的是类似的
SSL上下文选项SSL上下文选项 - SSL上下文选项列表
Cafile String
Location of Certificate Authority file on local filesystem which should be used with the verify_peer context option to authenticate the identity of the remote peer.
Capath String
If cafile is not specified or if the certificate is not found there, the directory pointed to by capath is searched for a suitable certificate. capath must be a correctly hashed certificate directory.
此错误的最常见原因是不同步的日期/时间,请检查机器的本地时间是什么,并使用NTP或Chrony等命令来同步您的时间。
如果您在Docker容器中遇到此问题,则容器将使用您的主机时间。但是,将计算机置于休眠模式将使时间锁定。唯一的解决方案是重新启动整个计算机。
我在寻找类似的问题时发现了这个,所以我可能会花几分钟写一些其他人可能会受益的东西。
有时公司代理终止安全会议,以检查您是否不做任何恶意的事情,然后再次签名,但是使用您自己的OS信任的CA证书,但可能不受OpenSSL的信任。您可以使用OpenSSL本身检查:
openssl s_client -connect fully.qualified.domain.name:port
上面的命令应为您提供介绍的证书。只是寻找:
---
Certificate chain
0 s:/long/DN/rewritten/from/the/original/certificate
i:/proxy/issuer/certificate
1 s:/proxy/issuer/certificate
i:/corporate/root/CA
2 s:/corporate/root/CA
i:/corporate/root/CA
---
因此,基本上您想信任根CA证书。
最近,Web服务器端通常需要PFX,JKS等的完整证书链。在这种情况下