CODEWITHSUNDEEP
phpopensslxamppcomposer-phpphp-5.6
yuklia
yuklia

Reputation: 7803

Composer update fails while updating from packagist

While executing composer install/update I have got the following error from openssl:

The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Failed to enable crypto failed to open stream: operation failed https://packagist.org could not be fully loaded, package information was loaded from the local cache and may be out of date

I am using:

  1. PHP 5.6.3 (cli) (built: Nov 17 2014 15:16:53)
  2. XAMPP stack 5.6.3-0
  3. ubuntu 14.04

composer diag shows:

Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json"  file  could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
Checking disk free space: OK
Checking composer version:

[Composer\Downloader\TransportException]
The "https://getcomposer.org/version" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed

php -r 'var_dump(openssl_get_cert_locations());' shows: 

array(8) {
["default_cert_file"]=>
string(33) "/opt/lampp/share/openssl/cert.pem"
["default_cert_file_env"]=>
string(13) "SSL_CERT_FILE"
["default_cert_dir"]=>
string(30) "/opt/lampp/share/openssl/certs"
["default_cert_dir_env"]=>
string(12) "SSL_CERT_DIR"
["default_private_dir"]=>
string(32) "/opt/lampp/share/openssl/private"
["default_default_cert_area"]=>
string(24) "/opt/lampp/share/openssl"
["ini_cafile"]=>
string(0) ""
["ini_capath"]=>
string(0) ""
}

For php 5.5.19 everything is Ok.

Upvotes: 35

Views: 68432

Answers (12)

Akash Varde
Akash Varde

Reputation: 93

I would like to add a simple answer.

Your problem: The composer is unable to download dependency files due to an incorrect certificate, either it is corrupt, incorrect, or not in place at all.

Your potential easiest solution: Download a new certificate and tell Composer to use the new one.

Step 1: Get CA Certificate from https://curl.se/docs/caextract.html

Step 2: Use the following command to use new certificate composer config --global cafile "<file_path_including_cacert.pem"

Upvotes: 1

Leon
Leon

Reputation: 536

Simply add this configuration to your composer.json file.

"config": {
"secure-http": false
}

Here is an full example of a working composer.json file

  "repositories": [{
    "type": "composer",
    "url": "http://packagist.org"
  }],
  "require": {
    "phpmailer/phpmailer": "^6.0"
  },
  "config": {
    "secure-http": false
  }
}
```

Upvotes: 0

shengji yin
shengji yin

Reputation: 51

1.

php -r "print_r(openssl_get_cert_locations());"

array(8) {
  ["default_cert_file"]=>
  string(31) "/usr/local/etc/openssl/cert.pem"
  ...
}

2.vim php.ini

[openssl]
openssl.cafile=/usr/local/etc/openssl/cert.pem

Upvotes: 5

Praveen Govind
Praveen Govind

Reputation: 5607

I ran into the same exact issue on Windows even after adding valid latest certificate downloaded. I'm running composer behind proxy, So i've to add environment variables http_proxy and https_proxy.

My environment: PHP 5.6.33 Windows 7 64 bit Composer version 1.6.3 2018-01-31 16:28:17

I downloaded latest certificates CA Bundle and updated following paths in my php.ini still didn't work.

curl.cainfo = C:\Certificates\ca-bundle.crt
openssl.cafile= C:\Certificates\ca-bundle.crt
openssl.capath=C:\Certificates

Then did following steps

1) Open chrome browser and navigate https://packagist.org/

2) Click on the little Secure Lock icon

3) Click on Certificates Valid

enter image description here

4)Open Certificate Path tab and you will see the following path levels

enter image description here

5) Need to export the certificate for both 1&2 marked in the image

6) To export certificate, click on view Certificate, Got to Details Tab and click on Copy to file

enter image description here

7)choose BASE 64 encoding

enter image description here

8) click on Next and save that file to a location, Do this for No. (2) shown in setp 4

enter image description here

9) Open the .cer file and copy the content to the end of .crt file which you used to configure in php.ini

Then try running comport install - It's worked for me

Process should be same if you see composer throwing ssl error when accessing sites over proxy.

Upvotes: 7

sim
sim

Reputation: 21

composer clearcache

This worked for me when I get error :

https://packagist.org could not be fully loaded, package information was loaded from the local cache and may be out of date

Upvotes: 2

Everett
Everett

Reputation: 9568

For us, this issue only seemed to affect one of our private repositories. It may have had something to do with certs or a corporate firewall, but it seemed intermittent so we weren't able to confirm before we found a different fix.

Inside composer.json, we changed the repository URL from the https to the ssh variant and added the "no-api": trueoption:

"repositories": [
    {
      "type": "vcs",
      "url": "[email protected]:our-user/our-repo.git",
      "no-api": true
    }
]

With that edit, composer update/install operations were able to complete successfully.

Upvotes: 0

kipzes
kipzes

Reputation: 714

I solved the problem with the SSL error by adding the SSL certificate to the XAMPP certificates folder.

// navigate to a directory to save the certificate
cd /Downloads

// download a certificate
wget http://curl.haxx.se/ca/cacert.pem

// rename and move the file to the Xampp certificates folder
mv cacert.pem /Applications/XAMPP/xamppfiles/share/openssl/cert.pem

Don't forget to restart your apache!

Upvotes: 12

Amanuel Nega
Amanuel Nega

Reputation: 1977

First: Check certificate file location which will be in default_cert_file key, you will found it in openssl_get_cert_locations() its a php openssl function. You can run it as follows:

$ php -r "print_r(openssl_get_cert_locations());"

Output in my system

    Array
    (
        [default_cert_file] => /opt/lampp/share/openssl/cert.pem
        [default_cert_file_env] => SSL_CERT_FILE
        [default_cert_dir] => /opt/lampp/share/openssl/certs
        [default_cert_dir_env] => SSL_CERT_DIR
        [default_private_dir] => /opt/lampp/share/openssl/private
        [default_default_cert_area] => /opt/lampp/share/openssl
        [ini_cafile] => 
        [ini_capath] => 
    )

Second: Download http://curl.haxx.se/ca/cacert.pem:

$ wget http://curl.haxx.se/ca/cacert.pem

Third: Copy certificate.pem file into default_cert_file location:

$ sudo mv cacert.pem /opt/lampp/share/openssl/cert.pem

** FROM https://github.com/composer/composer/issues/3346 **

Upvotes: 1

Neel
Neel

Reputation: 9880

I am using Mac OS Sierra and when I was trying to update the composer using the command /usr/local/bin/composer self-update I kept getting the error:

[Composer\Downloader\TransportException]                                                          
  The "https://getcomposer.org/version" file could not be downloaded: SSL operation failed with co  
  de 1. OpenSSL Error messages:                                                                     
  error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed                 
  Failed to enable crypto                                                                           
  failed to open stream: operation failed

I fixed it following these steps:

1) Create the local database using the command:

sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.locate.plist

2) Locate the cert file:

locate cacert.pem

3) Check the location of the php.ini file:

php --ini

4) If the 'Loaded Configuration File' for php.ini file is showing as (none), copy the file /etc/php.ini.default to /etc/php.ini:

sudo cp /etc/php.ini.default /etc/php.ini

5) Open the php.ini file and edit the ;openssl.cafile= line by uncommenting it and appending the link to the cert file location:

openssl.cafile=/Users/me/.composer/cacert.pem

Thats it. Now, when you run the composer update, it will work fine.

Upvotes: 12

user5030739
user5030739

Reputation: 29

On the mac with XAMPP:

cd /Applications/XAMPP/xamppfiles/share/openssl

sudo curl -O -k http://curl.haxx.se/ca/cacert.pem

sudo mv cacert.pem cert.pem

Stop and Restart Apache

Upvotes: 1

kirilclicks
kirilclicks

Reputation: 1677

Adding openssl.cafile to php.ini worked for me too. Instead of looking for the cert file, I downloaded it directly:

curl http://curl.haxx.se/ca/cacert.pem > cacert.pem

and then just pointed openssl.cafile setting to it.

Upvotes: 6

Manuel Ochoa
Manuel Ochoa

Reputation: 321

I found a solution to this

I'm running:
FreeBSD 10.1
Apache2.4
PHP 5.6.3

To find the CA file I ran this command

> locate cacert.pem

Result was:
/usr/local/lib/perl5/site_perl/5.16/Mozilla/CA/cacert.pem

Then open the php.ini file and
change this:

;openssl.cafile=

To this:

openssl.cafile=/usr/local/lib/perl5/site_perl/5.16/Mozilla/CA/cacert.pem

Note: This directive is only available on php 5.6.x

Then restart Apache

Upvotes: 32

Related Questions