Execute openssl s_client with php

Question

I'm trying to connect to .me registrar EPP OT&E server from PHP with no success. I am using the php-epp library (https://github.com/centralnic/php-epp) but the problem is that I can't open the connection.

I can open a connection (or at least it seems) with the following command:

openssl s_client -connect ote1.meregistry.net:700 -cert certificate.crt -key privateKey.key -CAfile PCA-3.pem -showcerts -state

That returns:

CONNECTED(00000003)

SSL_connect:before/connect initialization

SSL_connect:SSLv2/v3 write client hello A

How can I reproduce this command in PHP? I tried this with no success:

 $context = stream_context_create();
 stream_context_set_option($context, 'ssl', 'local_cert', 'pemcertificate.pem');
 stream_context_set_option($context, 'ssl', 'passphrase', '');
 stream_context_set_option($context, 'ssl', 'cafile', 'PCA-3.pem');
 stream_context_set_option($context, 'ssl', 'verify_peer', false);
 stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
 $epp = new Net_EPP_Client();
 echo "\nConnecting..";
 $epp->connect('ote1.meregistry.net', 700, 20, true, $context);

I receive this error:

stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

Any advice?

Thanks

Answer 1

I found the problem: the certificate I was using was not valid.

Furthermore, for some servers, the command openssl s_client needs a flag -no_tls1 that allows the command to execute correctly.

Hope it will be useful for someone else!