user2708647

Reputation: 436

fsockopen errors with SSL

I am trying to use fsockopen on localhost with https on Windows, using Wamp. It is working fine on http but not on https.

I created a certificate with OpenSSL (How to install: OpenSSL + WAMP) and declared a virtual host in the httpd-vhosts.conf file.

Here is the PHP code:

$fp = fsockopen("ssl://localhost", 443, $errno, $errstr, FSOCKOPEN_TIMEOUT); // same problem with ssl://www.localhost

That generates the following errors:

PHP Warning:  fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
PHP Warning:  fsockopen(): Failed to enable crypto
PHP Warning:  fsockopen(): unable to connect to ssl://localhost:443 (Unknown error)

I also have the following warning in my SSL error log file when Apache starts (I don't know if it may be related):

[ssl:warn] [pid 6008:tid 596] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name

Do you have any idea what I did wrong?

Thank you!

Upvotes: 1

Views: 3412

Answers (1)

Evil_skunk

Reputation: 3382

Keep in mind: if you create an SSL certificate locally on your own, it's normally not trusted by clients (e.g. a web browser).

When you followed the cert creation process, you were asked about the Common Name (CN). That should be a domain over which you are planning to serve your webpage, or, when you only use it locally, it can also be localhost. In your case you used something different which does not match the ServerName or ServerAlias in your Apache config.

Atm I don't understand why you want to connect to localhost via SSL - from a security perspective it's not really necessary.

Otherwise you could force your client (PHP) to not check the certificate's validity:

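<?php
// Disable certificate chain and host name checks for this one stream context.
$context = stream_context_create([
    'ssl' => [
        'verify_peer' => false,
        'verify_peer_name' => false
    ]
]);
// stream_socket_client() takes the port as part of the address.
$fp = stream_socket_client("ssl://localhost:443", $errno, $errstr, ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);

But do that only (!) for local connections.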

Upvotes: 2
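
As an alternative to switching verification off, the client can keep verification on and trust the local certificate directly. This is an added example, not part of the answer above; the certificate path is a hypothetical placeholder, and the certificate is assumed to name localhost in its CN or subjectAltName.

```php
<?php
// Added example: keep TLS verification on and trust one local self-signed certificate.
// Assumption: $caFile is the PEM certificate Apache serves (hypothetical path below)
// and its CN or subjectAltName is "localhost".

function open_verified_tls(string $host, int $port, string $caFile, float $timeout = 5.0)
{
    if (!is_readable($caFile)) {
        throw new RuntimeException("CA file not readable: $caFile");
    }
    $context = stream_context_create([
        'ssl' => [
            'verify_peer'       => true,    // validate the chain against cafile
            'verify_peer_name'  => true,    // certificate name must match peer_name
            'peer_name'         => $host,
            'cafile'            => $caFile, // trust anchor for this connection
            'capture_peer_cert' => true,    // keep the certificate for inspection
        ],
    ]);
    $fp = @stream_socket_client(
        "ssl://$host:$port", $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context
    );
    if ($fp === false) {
        throw new RuntimeException("TLS connection to $host:$port failed: $errstr ($errno)");
    }
    return $fp;
}

// Return the names the server certificate actually carries, to compare with ServerName.
function peer_names($fp): array
{
    $params = stream_context_get_params($fp);
    $cert = openssl_x509_parse($params['options']['ssl']['peer_certificate']);
    return [
        'CN'  => $cert['subject']['CN'] ?? null,
        'SAN' => $cert['extensions']['subjectAltName'] ?? null,
    ];
}

try {
    $fp = open_verified_tls('localhost', 443, 'C:/wamp/certs/localhost.crt'); // hypothetical path
    print_r(peer_names($fp));
    fclose($fp);
} catch (RuntimeException $e) {
    error_log($e->getMessage());
}
```

If the certificate was issued for a name other than localhost, this connection fails in the same way as the original fsockopen() call until the certificate is regenerated with a matching name.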
