file_get_contents() ssl operation failed from my own server only

Question

I’ve been trying to access a HTML page on my own server over HTTPS. So script returns following errors:

PHP Version is 5.6.38

Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in /home/user/public_html/index.php on line 11

Warning: file_get_contents(): Failed to enable crypto in /home/user/public_html/index.php on line 11

Warning: file_get_contents(https://myniceurl.com/file.html): failed to open stream: operation failed in /home/user/public_html/index.php on line 11

<?php

$contextOptions = [
    'ssl' => [
        'verify_peer' => true,
        'cafile' => '/etc/pki/tls/cert.pem',
    ]
];
$context = stream_context_create($contextOptions);

$data = file_get_contents('https://myniceurl.com/file.html', false, $context);

I've tried many solutions from different forums, but none helped. When I try to fetch a page from other sites over HTTPS it works, even I tried to fetch (over HTTPS) the same HTML page on my local machine, it worked properly. I thought the server cannot communicate itself. For investigation purposes, I changed HTTP and it worked properly.

I have tried so far:

1. Downloaded certificate bundle, added it php.ini file
2. verify_peer = true and CAfile for stream_context_create

I also confirm that allow_url_fopen is working. Due to the specialized nature of this problem; I’m not finding a lot of information for help. Have any of you come across something like this? Thanks.

Answer 1

I found the reason why this is not working.

It was because of Cloudflare SSL/TLS encryption mode. My selected option was Full strict.

As seen from the image the request has to hit Cloudflare request first, then Cloudflare forwards it to the origin server. However, I added my IP address and hostname to /etc/hosts file, that is why the request was not going out from my network and it causes SSL verification problems.