CODEWITHSUNDEEP
phpproxycomposer-phppackagist
Arafath
Arafath

Reputation: 1090

composer installation from behind proxy server

I'm trying to run composer update on windows 10 behind a proxy server, it gives me an error. enter image description here

and I set http proxy using below command

SET HTTP_PROXY="http://192.168.1.6:808"
SET HTTPS_PROXY="http://192.168.1.6:808"

this also return same error.

Upvotes: 2

Views: 17309

Answers (4)

Akinlosotu Samuel Adeniyi
Akinlosotu Samuel Adeniyi

Reputation: 21

The best way if it fails to work is to enter this command

    SET HTTP_PROXY=0
    SET HTTPS_PROXY=0

This will empty the proxy then you can now use composer.install

Upvotes: 0

Alnahdi
Alnahdi

Reputation: 11

encode your password then use

SET HTTP_PROXY="http://username:encodedPassword@hostname:port"
SET HTTPS_PROXY="http://username:encodedPassword@hostname:port"

Upvotes: 0

Thomas Guillier
Thomas Guillier

Reputation: 61

Here are the key points to make Composer work behind a proxy (works on Windows, didn't try on Linux):

1) URL encode your password (for special characters)

You can do that easily with the PHP command line, for example:

Input:

php -r "echo urlencode('P*a/$$/w!0%r$d');"

Output:

P%2Aa%2F%24%24%2Fw%210%25r%24d

Use the generated value to set the HTTP_PROXY and HTTPS_PROXY env variables.

2) Remove the quotes around the HTTP_PROXY and HTTPS_PROXY env variables

From:

SET HTTP_PROXY="http://username:password@hostname:port"
SET HTTPS_PROXY="http://username:password@hostname:port"

To:

SET HTTP_PROXY=http://username:password@hostname:port
SET HTTPS_PROXY=http://username:password@hostname:port

Composer WON'T WORK with quotes, it uses the PHP core function "parse_url" to parse the variable:

With quotes:

php -r "print_r(parse_url('\"http://username:password@proxy:8080\"'));"

Array
(
    [path] => "http://username:password@proxy:8080"
)

Without quotes:

php -r "print_r(parse_url('http://username:password@proxy:8080'));"

Array
(
    [scheme] => http
    [host] => proxy
    [port] => 8080
    [user] => username
    [pass] => password
)

3) Make sure the certificate authority file or path is correctly set for HTTPS connections

Composer will use the first readable file or path in the following order:

  • Env variables:

    SSL_CERT_FILE
SSL_CERT_DIR

  • php.ini:

    openssl.cafile
openssl.capath

  • Files:

        /etc/pki/tls/certs/ca-bundle.crt
    /etc/ssl/certs/ca-certificates.crt
    /etc/ssl/ca-bundle.pem
    /usr/local/share/certs/ca-root-nss.crt
    /usr/ssl/certs/ca-bundle.crt
    /opt/local/share/curl/curl-ca-bundle.crt
    /usr/local/share/curl/curl-ca-bundle.crt
    /usr/share/ssl/certs/ca-bundle.crt
    /etc/ssl/cert.pem
    /usr/local/etc/ssl/cert.pem
    /usr/local/etc/openssl/cert.pem

  • Non-empty folder:

        /etc/pki/tls/certs/
    /etc/ssl/certs/
    /etc/ssl/
    /usr/local/share/certs/
    /usr/ssl/certs/
    /opt/local/share/curl/
    /usr/local/share/curl/
    /usr/share/ssl/certs/
    /etc/ssl/
    /usr/local/etc/ssl/
    /usr/local/etc/openssl/

If none of the above is valid, Composer will use its embedded file:

    composer.phar /vendor/composer/ca-bundle/res/cacert.pem

4) If you experience the "certificate verify failed" error

[Composer\Downloader\TransportException]
The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
failed to open stream: Cannot connect to HTTPS server through proxy

This means that the used CA file or path does not contains the required certificates.

You may then:

  • extract the default file from composer.phar:

    php -r "(new Phar('composer.phar'))->extractTo('/tmp/cacert/', 'vendor/composer/ca-bundle/res/cacert.pem');"

  • then add the required certificates (e.g. your company proxy certificates) to the end of the file

  • and force this file in php.ini

    [openssl]
; The location of a Certificate Authority (CA) file on the local filesystem
; to use when verifying the identity of SSL/TLS peers. Most users should
; not specify a value for this directive as PHP will attempt to use the
; OS-managed cert stores in its absence. If specified, this value may     still
; be overridden on a per-stream basis via the "cafile" SSL stream context
; option.
openssl.cafile=/tmp/cacert/vendor/composer/ca-bundle/res/cacert.pem

Upvotes: 6

user218046
user218046

Reputation: 633

Maybe it needs authentication too? Try this if so:

SET HTTP_PROXY="http://username:password@hostname:port" SET HTTPS_PROXY="http://username:password@hostname:port"

Upvotes: 0

Related Questions