https://www.yangdx.com/2019/09/56.html
- 本文地址: https://www.yangdx.com/2019/09/56.html
- 转载请注明出处
前段时间把服务器的 OpenSSL 升级了到 1.1.1c 版本,今天安装 Composer 的时候报错了!
报错的指令为:
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
PHP 的错误日志记录如下:
PHP Warning: copy(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in Command line code on line 1
PHP Warning: copy(): Failed to enable crypto in Command line code on line 1
PHP Warning: copy(https://getcomposer.org/installer): failed to open stream: operation failed in Command line code on line 1
经检查,报错是因为无法验证 CA 证书。
解决办法:
1、先检查 /etc 目录里有没有这样的文件:/etc/ssl/certs/ca-bundle.crt 或 /etc/pki/tls/certs/ca-bundle.crt。如果有的话,把这个路径配置到 php.ini 里:
openssl.cafile=/etc/ssl/certs/ca-bundle.crt
2、如果以上路径的文件不存在,则需要手动下载 CA 证书文件:
#新建目录用于存放 CA 证书 mkdir -p /usr/local/openssl/ssl/certs #下载 CA 证书 curl -o /usr/local/openssl/ssl/certs/cacert.pem https://curl.haxx.se/ca/cacert.pem
记得修改文件目录权限为当前用户
然后在 php.ini 里配置:
openssl.cafile=/usr/local/openssl/ssl/certs/cacert.pem
3、记得重启 php-fpm。
标签:tls,certificate,ssl,openssl,failed,certs,line From: https://www.cnblogs.com/rxbook/p/17003331.html